81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
creat(&(0x7f0000000140)='./file0/file0\x00', 0x0)
r2 = open(&(0x7f0000000780)='.\x00', 0x0, 0x0)
renameat2(r2, &(0x7f0000000400)='./file0/file0\x00', r2, &(0x7f0000000100)='./file0\x00', 0x2)

00:23:46 executing program 4:
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000001580), r0)

[  242.556603][ T1033]  loop2: p2 < > p3 p4
[  242.562710][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  242.591257][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  242.597539][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:46 executing program 0:
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

00:23:46 executing program 3:
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
creat(&(0x7f0000000140)='./file0/file0\x00', 0x0)
r2 = open(&(0x7f0000000780)='.\x00', 0x0, 0x0)
renameat2(r2, &(0x7f0000000400)='./file0/file0\x00', r2, &(0x7f0000000100)='./file0\x00', 0x2)

[  242.671235][T19053] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19053 comm=syz-executor.4
[  242.724986][ T1033]  loop1: p2 < > p3 p4
[  242.727127][T19066] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19066 comm=syz-executor.4
[  242.733554][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  242.757313][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  242.763565][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  242.806265][ T1033]  loop5: p2 < > p3 p4
[  242.810693][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  242.817806][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  242.823994][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  242.851545][ T1033]  loop1: p2 < > p3 p4
[  242.855665][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  242.862692][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  242.868840][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  242.888225][ T1033]  loop5: p2 < > p3 p4
[  242.892467][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  242.899212][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  242.905582][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:46 executing program 4:
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000001580), r0)

00:23:46 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
clone(0x20002004dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cpuset\x00', 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
fstat(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setreuid(0xee00, r3)
write$cgroup_pid(r1, &(0x7f0000000100), 0x12)

00:23:46 executing program 5:
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
creat(&(0x7f0000000140)='./file0/file0\x00', 0x0)
r2 = open(&(0x7f0000000780)='.\x00', 0x0, 0x0)
renameat2(r2, &(0x7f0000000400)='./file0/file0\x00', r2, &(0x7f0000000100)='./file0\x00', 0x2)

00:23:46 executing program 0:
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

00:23:46 executing program 3:
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

00:23:46 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000005c0)="66530700ae897094e71b2ea1f107000000154603812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef0608003ea1315b95", 0x38}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x1e)
ptrace$cont(0x18, r1, 0x0, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r1, 0x0, 0x2)

[  243.072509][ T1033]  loop2: p2 < > p3 p4
[  243.076845][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  243.093374][T19111] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19111 comm=syz-executor.4
[  243.108771][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  243.115174][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:46 executing program 0:
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

00:23:46 executing program 3:
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

00:23:46 executing program 5:
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000000c0)='./file0\x00')
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
creat(&(0x7f0000000140)='./file0/file0\x00', 0x0)
r2 = open(&(0x7f0000000780)='.\x00', 0x0, 0x0)
renameat2(r2, &(0x7f0000000400)='./file0/file0\x00', r2, &(0x7f0000000100)='./file0\x00', 0x2)

00:23:46 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
clone(0x20002004dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cpuset\x00', 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
fstat(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setreuid(0xee00, r3)
write$cgroup_pid(r1, &(0x7f0000000100), 0x12)

00:23:46 executing program 4:
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000001580), r0)

[  243.131047][T19112] new mount options do not match the existing superblock, will be ignored
00:23:46 executing program 0:
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

00:23:46 executing program 4:
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000001580), r0)

[  243.209592][T19135] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19135 comm=syz-executor.4
[  243.238622][ T1033]  loop5: p2 < > p3 p4
[  243.243168][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  243.249983][T19137] new mount options do not match the existing superblock, will be ignored
00:23:46 executing program 3:
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

00:23:46 executing program 5:
utimes(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_nlink(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000140)={'U+', 0x4}, 0x16, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c, &(0x7f00000013c0)=[{&(0x7f00000001c0)="85525f6b0196a105342ca2c910a031", 0xf}, {&(0x7f0000000240)="f1348694b932cfbbab283c8be2797df57e39d64989c3ed83d71c62f61bd032ff68bb18ff40a18a99d2ac03bb6cdc09e8ce6ad932837d6e0612e0b53cb78c0bd7d52a40d252ced3da01379a62632d2267e555bac364a3df956f9850e36c87cbba70bd66da0f2356d01d32985012495b59a7e4e4cdc7313cb7b12890e00365d574c6804c34f31598df58f49d03845ca84d40b0b46e77f7b64e908d25f5eee7e8235adcf69adf030b73ca8e9d1c959b3994383824978102647ef1d1b0f16b762f26be7cdeb4325f3a383ee43f7c363dc0da55241ec1d97b", 0xd6}, {&(0x7f0000000340)="77a841e4d9aa8a158e7785f3ddbbc2a8821606282b01260d16a74edb09dbe0d350cb95ed7bdc44c46fd75a40c9bd3a9672ac61e390de5b1158ed900f471501da829d0a9e7c89d6133fb8db", 0x4b}, {&(0x7f00000003c0)="94ea8c53b91a0dec7c1eed18c481de6d05bca48959447ea3fe2726b397decaa75797dadf7ff7aec6042a996d16a76bbe78422ac8fb8da7f126762f66f7e4aa4ddbe55e1b83ea4a1b543b82811999850c3d18b4d1134fbf7b9e638e71b577d47712a55ba79b91c20eafea77de09f76be1dc09cf6965091469d1f5f6b88df3a3bc19063b6466d390d3c1e530446215cdd095bc21ff638ad846075213122189e93a4d009200104b6cf871f3a2c36ccdf93fcff3407ca36feb2488d0e6ddb9c9709915c9c7a3e905bb0ba800d5127bff5dd06b9cfe4de9530c2c0b2e1f578f426c69944c26dcaf54159856cf8c9a169546a1fa59e87f759cc03c3fc2c9e186edb3ae0c27880289c0f7b52da7feb6e8bbfaf6bce2c32e69ba61ef3aa418c115ebddd1c01541f7e8c4451444045b525560ee6bd9fcb28084a5ce9ffb8bbf529fe66216e6b4cd0c427882262afcc0b829e46881693ddc7aecb6e9b3d66c3ac223a43358b841d421ad1d378ee6789512ee237de757c8e21234a7699839f0bcc9acdcd16d19776c32968771f9be8bb95a5c6c8812556ae9a8ec328e009127bf4068b9e6eb032d0c3348bee4802bec20da445d419a62dde19566e5c03279be2896d905ad51336cf6c4d84bbc2cd43c3e5ed4701700273bbfb68ad12915e89e9bb5158673275e08b994e923e844652fc6a05af4c15d3a453d9152df7bd4153584bffa51ce848639d51ebd367616605e83a25caf3a87fa83cfc9e6636a81cabc1e84aac677bc9f3ef8ca5695bc87fd504c669c1fc6bea410e1d7e464a189d9b4dbb6921f1e29024ca8136314842ab153794f62e6fb64f16951d8aabf02583a69b59bd5e477fc6bf5919595f9a266d1c485fe43021139145dca2d652cc136b50c2b2df0b9cbd57f32a7620ae26e6ec2d25dd371189a49af434067c03d799770edf2b03f06b963f8b4856d92364ee33b13a9d9d9edc62304b8fe2082083a82e3b95dd55118d5533fbd847d2728f36f1df09c318d44e6895b03d55bceecb48d22caf5cb51772c3107629f258a1ba5eafb18e3fdcbe35708e380081c1ec16af0967842e72a432e0e5ecc464ddcbed7edc7b8f9f08cf3919d77c6b6798da95afee6473b3d6bcd494f51c227b8cfa26e1282a0ce9a830796e2589d8ce21e62c2c7b61ca7dba909885b0acaed902cfafdf759664ff24bd9c01982eacb1eaf2451c4ed7b35ff3d1695088b796cdb98a2742f0038209e57cfda33de2f23fb4ff7e8dd0be9859bea21d3d24e5554b2f1ab40053a115e808edf25a4d231b22c07d98269f98125fcbad42f81fd7c5083df4264a39330a51b95a78723a1d42e71237ce9254f76d5cd7d0c457f64d8d9ac3dba9720fb79cb4cf9cf002d1b21d0b82490c12c60d9ba490e5eb10001c7356be340e67319db255238da8a819cf10a8b57181b3612ba584bb7b1ce5a36f0b351db034295dcb75287456bdd91eb3f62ad329df151abf04ed2f53945c50a6d8b8ec449d62e3b25a50fae83ce708a1078b28af8b857b11d55e421f72ff4eb1232750607a727f67dbd01cf6a66c3a1485b4070a7ce122ddd254a441a5d4652580889", 0x464}], 0x4, &(0x7f0000001440)=[@dstopts_2292={{0x30, 0x29, 0x3, {0x0, 0x2, '\x00', [@hao={0xc9, 0x10, @mcast2}]}}}], 0x30}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="e6", 0x1}], 0x1}}], 0x4000393, 0x2004c840)
io_submit(0x0, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f00000008c0), 0x0, 0x400040)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xd9f, 0x0)

00:23:46 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
clone(0x20002004dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cpuset\x00', 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
fstat(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setreuid(0xee00, r3)
write$cgroup_pid(r1, &(0x7f0000000100), 0x12)

00:23:46 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x17f)
write(0xffffffffffffffff, &(0x7f0000000180)="1d0000004a005f6841f9f424000904000a", 0xfffffdd8)
splice(r0, 0x0, r1, 0x0, 0xfffd, 0x0)

[  243.284926][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  243.291131][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  243.329778][T19156] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19156 comm=syz-executor.4
[  243.364872][T19162] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.0'.
[  243.372017][T19159] new mount options do not match the existing superblock, will be ignored
[  243.376846][T19165] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.0'.
[  243.383989][ T1033]  loop1: p2 < > p3 p4
[  243.400412][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  243.415015][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  243.421230][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  243.439659][ T1033]  loop1: p2 < > p3 p4
[  243.443798][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  243.451171][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  243.457320][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  243.473177][ T1033]  loop5: p2 < > p3 p4
[  243.477307][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  243.484349][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  243.490560][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  243.507340][ T1033]  loop5: p2 < > p3 p4
[  243.511466][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  243.518149][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  243.524367][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  243.541442][ T1033]  loop1: p2 < > p3 p4
[  243.545717][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  243.552982][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  243.559230][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:23:49 executing program 2:
utimes(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_nlink(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000140)={'U+', 0x4}, 0x16, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c, &(0x7f00000013c0)=[{&(0x7f00000001c0)="85525f6b0196a105342ca2c910a031", 0xf}, {&(0x7f0000000240)="f1348694b932cfbbab283c8be2797df57e39d64989c3ed83d71c62f61bd032ff68bb18ff40a18a99d2ac03bb6cdc09e8ce6ad932837d6e0612e0b53cb78c0bd7d52a40d252ced3da01379a62632d2267e555bac364a3df956f9850e36c87cbba70bd66da0f2356d01d32985012495b59a7e4e4cdc7313cb7b12890e00365d574c6804c34f31598df58f49d03845ca84d40b0b46e77f7b64e908d25f5eee7e8235adcf69adf030b73ca8e9d1c959b3994383824978102647ef1d1b0f16b762f26be7cdeb4325f3a383ee43f7c363dc0da55241ec1d97b", 0xd6}, {&(0x7f0000000340)="77a841e4d9aa8a158e7785f3ddbbc2a8821606282b01260d16a74edb09dbe0d350cb95ed7bdc44c46fd75a40c9bd3a9672ac61e390de5b1158ed900f471501da829d0a9e7c89d6133fb8db", 0x4b}, {&(0x7f00000003c0)="94ea8c53b91a0dec7c1eed18c481de6d05bca48959447ea3fe2726b397decaa75797dadf7ff7aec6042a996d16a76bbe78422ac8fb8da7f126762f66f7e4aa4ddbe55e1b83ea4a1b543b82811999850c3d18b4d1134fbf7b9e638e71b577d47712a55ba79b91c20eafea77de09f76be1dc09cf6965091469d1f5f6b88df3a3bc19063b6466d390d3c1e530446215cdd095bc21ff638ad846075213122189e93a4d009200104b6cf871f3a2c36ccdf93fcff3407ca36feb2488d0e6ddb9c9709915c9c7a3e905bb0ba800d5127bff5dd06b9cfe4de9530c2c0b2e1f578f426c69944c26dcaf54159856cf8c9a169546a1fa59e87f759cc03c3fc2c9e186edb3ae0c27880289c0f7b52da7feb6e8bbfaf6bce2c32e69ba61ef3aa418c115ebddd1c01541f7e8c4451444045b525560ee6bd9fcb28084a5ce9ffb8bbf529fe66216e6b4cd0c427882262afcc0b829e46881693ddc7aecb6e9b3d66c3ac223a43358b841d421ad1d378ee6789512ee237de757c8e21234a7699839f0bcc9acdcd16d19776c32968771f9be8bb95a5c6c8812556ae9a8ec328e009127bf4068b9e6eb032d0c3348bee4802bec20da445d419a62dde19566e5c03279be2896d905ad51336cf6c4d84bbc2cd43c3e5ed4701700273bbfb68ad12915e89e9bb5158673275e08b994e923e844652fc6a05af4c15d3a453d9152df7bd4153584bffa51ce848639d51ebd367616605e83a25caf3a87fa83cfc9e6636a81cabc1e84aac677bc9f3ef8ca5695bc87fd504c669c1fc6bea410e1d7e464a189d9b4dbb6921f1e29024ca8136314842ab153794f62e6fb64f16951d8aabf02583a69b59bd5e477fc6bf5919595f9a266d1c485fe43021139145dca2d652cc136b50c2b2df0b9cbd57f32a7620ae26e6ec2d25dd371189a49af434067c03d799770edf2b03f06b963f8b4856d92364ee33b13a9d9d9edc62304b8fe2082083a82e3b95dd55118d5533fbd847d2728f36f1df09c318d44e6895b03d55bceecb48d22caf5cb51772c3107629f258a1ba5eafb18e3fdcbe35708e380081c1ec16af0967842e72a432e0e5ecc464ddcbed7edc7b8f9f08cf3919d77c6b6798da95afee6473b3d6bcd494f51c227b8cfa26e1282a0ce9a830796e2589d8ce21e62c2c7b61ca7dba909885b0acaed902cfafdf759664ff24bd9c01982eacb1eaf2451c4ed7b35ff3d1695088b796cdb98a2742f0038209e57cfda33de2f23fb4ff7e8dd0be9859bea21d3d24e5554b2f1ab40053a115e808edf25a4d231b22c07d98269f98125fcbad42f81fd7c5083df4264a39330a51b95a78723a1d42e71237ce9254f76d5cd7d0c457f64d8d9ac3dba9720fb79cb4cf9cf002d1b21d0b82490c12c60d9ba490e5eb10001c7356be340e67319db255238da8a819cf10a8b57181b3612ba584bb7b1ce5a36f0b351db034295dcb75287456bdd91eb3f62ad329df151abf04ed2f53945c50a6d8b8ec449d62e3b25a50fae83ce708a1078b28af8b857b11d55e421f72ff4eb1232750607a727f67dbd01cf6a66c3a1485b4070a7ce122ddd254a441a5d4652580889", 0x464}], 0x4, &(0x7f0000001440)=[@dstopts_2292={{0x30, 0x29, 0x3, {0x0, 0x2, '\x00', [@hao={0xc9, 0x10, @mcast2}]}}}], 0x30}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="e6", 0x1}], 0x1}}], 0x4000393, 0x2004c840)
io_submit(0x0, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f00000008c0), 0x0, 0x400040)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xd9f, 0x0)

00:23:49 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newsa={0x180, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x6c}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @algo_auth={0x48, 0x2, {{'blake2b-256\x00'}}}]}, 0x180}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(r1, &(0x7f0000000180), 0xf1, 0x0)

00:23:49 executing program 4:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r0, 0x5405, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "42331cba18d8023a"})

00:23:49 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x17f)
write(0xffffffffffffffff, &(0x7f0000000180)="1d0000004a005f6841f9f424000904000a", 0xfffffdd8)
splice(r0, 0x0, r1, 0x0, 0xfffd, 0x0)

00:23:49 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
clone(0x20002004dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cpuset\x00', 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
fstat(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setreuid(0xee00, r3)
write$cgroup_pid(r1, &(0x7f0000000100), 0x12)

00:23:49 executing program 5:
utimes(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_nlink(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000140)={'U+', 0x4}, 0x16, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c, &(0x7f00000013c0)=[{&(0x7f00000001c0)="85525f6b0196a105342ca2c910a031", 0xf}, {&(0x7f0000000240)="f1348694b932cfbbab283c8be2797df57e39d64989c3ed83d71c62f61bd032ff68bb18ff40a18a99d2ac03bb6cdc09e8ce6ad932837d6e0612e0b53cb78c0bd7d52a40d252ced3da01379a62632d2267e555bac364a3df956f9850e36c87cbba70bd66da0f2356d01d32985012495b59a7e4e4cdc7313cb7b12890e00365d574c6804c34f31598df58f49d03845ca84d40b0b46e77f7b64e908d25f5eee7e8235adcf69adf030b73ca8e9d1c959b3994383824978102647ef1d1b0f16b762f26be7cdeb4325f3a383ee43f7c363dc0da55241ec1d97b", 0xd6}, {&(0x7f0000000340)="77a841e4d9aa8a158e7785f3ddbbc2a8821606282b01260d16a74edb09dbe0d350cb95ed7bdc44c46fd75a40c9bd3a9672ac61e390de5b1158ed900f471501da829d0a9e7c89d6133fb8db", 0x4b}, {&(0x7f00000003c0)="94ea8c53b91a0dec7c1eed18c481de6d05bca48959447ea3fe2726b397decaa75797dadf7ff7aec6042a996d16a76bbe78422ac8fb8da7f126762f66f7e4aa4ddbe55e1b83ea4a1b543b82811999850c3d18b4d1134fbf7b9e638e71b577d47712a55ba79b91c20eafea77de09f76be1dc09cf6965091469d1f5f6b88df3a3bc19063b6466d390d3c1e530446215cdd095bc21ff638ad846075213122189e93a4d009200104b6cf871f3a2c36ccdf93fcff3407ca36feb2488d0e6ddb9c9709915c9c7a3e905bb0ba800d5127bff5dd06b9cfe4de9530c2c0b2e1f578f426c69944c26dcaf54159856cf8c9a169546a1fa59e87f759cc03c3fc2c9e186edb3ae0c27880289c0f7b52da7feb6e8bbfaf6bce2c32e69ba61ef3aa418c115ebddd1c01541f7e8c4451444045b525560ee6bd9fcb28084a5ce9ffb8bbf529fe66216e6b4cd0c427882262afcc0b829e46881693ddc7aecb6e9b3d66c3ac223a43358b841d421ad1d378ee6789512ee237de757c8e21234a7699839f0bcc9acdcd16d19776c32968771f9be8bb95a5c6c8812556ae9a8ec328e009127bf4068b9e6eb032d0c3348bee4802bec20da445d419a62dde19566e5c03279be2896d905ad51336cf6c4d84bbc2cd43c3e5ed4701700273bbfb68ad12915e89e9bb5158673275e08b994e923e844652fc6a05af4c15d3a453d9152df7bd4153584bffa51ce848639d51ebd367616605e83a25caf3a87fa83cfc9e6636a81cabc1e84aac677bc9f3ef8ca5695bc87fd504c669c1fc6bea410e1d7e464a189d9b4dbb6921f1e29024ca8136314842ab153794f62e6fb64f16951d8aabf02583a69b59bd5e477fc6bf5919595f9a266d1c485fe43021139145dca2d652cc136b50c2b2df0b9cbd57f32a7620ae26e6ec2d25dd371189a49af434067c03d799770edf2b03f06b963f8b4856d92364ee33b13a9d9d9edc62304b8fe2082083a82e3b95dd55118d5533fbd847d2728f36f1df09c318d44e6895b03d55bceecb48d22caf5cb51772c3107629f258a1ba5eafb18e3fdcbe35708e380081c1ec16af0967842e72a432e0e5ecc464ddcbed7edc7b8f9f08cf3919d77c6b6798da95afee6473b3d6bcd494f51c227b8cfa26e1282a0ce9a830796e2589d8ce21e62c2c7b61ca7dba909885b0acaed902cfafdf759664ff24bd9c01982eacb1eaf2451c4ed7b35ff3d1695088b796cdb98a2742f0038209e57cfda33de2f23fb4ff7e8dd0be9859bea21d3d24e5554b2f1ab40053a115e808edf25a4d231b22c07d98269f98125fcbad42f81fd7c5083df4264a39330a51b95a78723a1d42e71237ce9254f76d5cd7d0c457f64d8d9ac3dba9720fb79cb4cf9cf002d1b21d0b82490c12c60d9ba490e5eb10001c7356be340e67319db255238da8a819cf10a8b57181b3612ba584bb7b1ce5a36f0b351db034295dcb75287456bdd91eb3f62ad329df151abf04ed2f53945c50a6d8b8ec449d62e3b25a50fae83ce708a1078b28af8b857b11d55e421f72ff4eb1232750607a727f67dbd01cf6a66c3a1485b4070a7ce122ddd254a441a5d4652580889", 0x464}], 0x4, &(0x7f0000001440)=[@dstopts_2292={{0x30, 0x29, 0x3, {0x0, 0x2, '\x00', [@hao={0xc9, 0x10, @mcast2}]}}}], 0x30}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="e6", 0x1}], 0x1}}], 0x4000393, 0x2004c840)
io_submit(0x0, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f00000008c0), 0x0, 0x400040)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xd9f, 0x0)

[  246.086767][ T1033]  loop2: p2 < > p3 p4
[  246.090993][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  246.114433][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  246.120645][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:49 executing program 4:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r0, 0x5405, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "42331cba18d8023a"})

00:23:49 executing program 5:
utimes(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_nlink(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000140)={'U+', 0x4}, 0x16, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c, &(0x7f00000013c0)=[{&(0x7f00000001c0)="85525f6b0196a105342ca2c910a031", 0xf}, {&(0x7f0000000240)="f1348694b932cfbbab283c8be2797df57e39d64989c3ed83d71c62f61bd032ff68bb18ff40a18a99d2ac03bb6cdc09e8ce6ad932837d6e0612e0b53cb78c0bd7d52a40d252ced3da01379a62632d2267e555bac364a3df956f9850e36c87cbba70bd66da0f2356d01d32985012495b59a7e4e4cdc7313cb7b12890e00365d574c6804c34f31598df58f49d03845ca84d40b0b46e77f7b64e908d25f5eee7e8235adcf69adf030b73ca8e9d1c959b3994383824978102647ef1d1b0f16b762f26be7cdeb4325f3a383ee43f7c363dc0da55241ec1d97b", 0xd6}, {&(0x7f0000000340)="77a841e4d9aa8a158e7785f3ddbbc2a8821606282b01260d16a74edb09dbe0d350cb95ed7bdc44c46fd75a40c9bd3a9672ac61e390de5b1158ed900f471501da829d0a9e7c89d6133fb8db", 0x4b}, {&(0x7f00000003c0)="94ea8c53b91a0dec7c1eed18c481de6d05bca48959447ea3fe2726b397decaa75797dadf7ff7aec6042a996d16a76bbe78422ac8fb8da7f126762f66f7e4aa4ddbe55e1b83ea4a1b543b82811999850c3d18b4d1134fbf7b9e638e71b577d47712a55ba79b91c20eafea77de09f76be1dc09cf6965091469d1f5f6b88df3a3bc19063b6466d390d3c1e530446215cdd095bc21ff638ad846075213122189e93a4d009200104b6cf871f3a2c36ccdf93fcff3407ca36feb2488d0e6ddb9c9709915c9c7a3e905bb0ba800d5127bff5dd06b9cfe4de9530c2c0b2e1f578f426c69944c26dcaf54159856cf8c9a169546a1fa59e87f759cc03c3fc2c9e186edb3ae0c27880289c0f7b52da7feb6e8bbfaf6bce2c32e69ba61ef3aa418c115ebddd1c01541f7e8c4451444045b525560ee6bd9fcb28084a5ce9ffb8bbf529fe66216e6b4cd0c427882262afcc0b829e46881693ddc7aecb6e9b3d66c3ac223a43358b841d421ad1d378ee6789512ee237de757c8e21234a7699839f0bcc9acdcd16d19776c32968771f9be8bb95a5c6c8812556ae9a8ec328e009127bf4068b9e6eb032d0c3348bee4802bec20da445d419a62dde19566e5c03279be2896d905ad51336cf6c4d84bbc2cd43c3e5ed4701700273bbfb68ad12915e89e9bb5158673275e08b994e923e844652fc6a05af4c15d3a453d9152df7bd4153584bffa51ce848639d51ebd367616605e83a25caf3a87fa83cfc9e6636a81cabc1e84aac677bc9f3ef8ca5695bc87fd504c669c1fc6bea410e1d7e464a189d9b4dbb6921f1e29024ca8136314842ab153794f62e6fb64f16951d8aabf02583a69b59bd5e477fc6bf5919595f9a266d1c485fe43021139145dca2d652cc136b50c2b2df0b9cbd57f32a7620ae26e6ec2d25dd371189a49af434067c03d799770edf2b03f06b963f8b4856d92364ee33b13a9d9d9edc62304b8fe2082083a82e3b95dd55118d5533fbd847d2728f36f1df09c318d44e6895b03d55bceecb48d22caf5cb51772c3107629f258a1ba5eafb18e3fdcbe35708e380081c1ec16af0967842e72a432e0e5ecc464ddcbed7edc7b8f9f08cf3919d77c6b6798da95afee6473b3d6bcd494f51c227b8cfa26e1282a0ce9a830796e2589d8ce21e62c2c7b61ca7dba909885b0acaed902cfafdf759664ff24bd9c01982eacb1eaf2451c4ed7b35ff3d1695088b796cdb98a2742f0038209e57cfda33de2f23fb4ff7e8dd0be9859bea21d3d24e5554b2f1ab40053a115e808edf25a4d231b22c07d98269f98125fcbad42f81fd7c5083df4264a39330a51b95a78723a1d42e71237ce9254f76d5cd7d0c457f64d8d9ac3dba9720fb79cb4cf9cf002d1b21d0b82490c12c60d9ba490e5eb10001c7356be340e67319db255238da8a819cf10a8b57181b3612ba584bb7b1ce5a36f0b351db034295dcb75287456bdd91eb3f62ad329df151abf04ed2f53945c50a6d8b8ec449d62e3b25a50fae83ce708a1078b28af8b857b11d55e421f72ff4eb1232750607a727f67dbd01cf6a66c3a1485b4070a7ce122ddd254a441a5d4652580889", 0x464}], 0x4, &(0x7f0000001440)=[@dstopts_2292={{0x30, 0x29, 0x3, {0x0, 0x2, '\x00', [@hao={0xc9, 0x10, @mcast2}]}}}], 0x30}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="e6", 0x1}], 0x1}}], 0x4000393, 0x2004c840)
io_submit(0x0, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f00000008c0), 0x0, 0x400040)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xd9f, 0x0)

00:23:49 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x17f)
write(0xffffffffffffffff, &(0x7f0000000180)="1d0000004a005f6841f9f424000904000a", 0xfffffdd8)
splice(r0, 0x0, r1, 0x0, 0xfffd, 0x0)

[  246.129479][T19206] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.0'.
[  246.139427][T19205] new mount options do not match the existing superblock, will be ignored
00:23:49 executing program 1:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x141800, 0x0)
read$rfkill(r0, 0x0, 0x0)

00:23:49 executing program 4:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r0, 0x5405, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "42331cba18d8023a"})

[  246.204047][ T1033]  loop5: p2 < > p3 p4
[  246.219781][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  246.240978][T19222] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.0'.
00:23:49 executing program 2:
utimes(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_nlink(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000140)={'U+', 0x4}, 0x16, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c, &(0x7f00000013c0)=[{&(0x7f00000001c0)="85525f6b0196a105342ca2c910a031", 0xf}, {&(0x7f0000000240)="f1348694b932cfbbab283c8be2797df57e39d64989c3ed83d71c62f61bd032ff68bb18ff40a18a99d2ac03bb6cdc09e8ce6ad932837d6e0612e0b53cb78c0bd7d52a40d252ced3da01379a62632d2267e555bac364a3df956f9850e36c87cbba70bd66da0f2356d01d32985012495b59a7e4e4cdc7313cb7b12890e00365d574c6804c34f31598df58f49d03845ca84d40b0b46e77f7b64e908d25f5eee7e8235adcf69adf030b73ca8e9d1c959b3994383824978102647ef1d1b0f16b762f26be7cdeb4325f3a383ee43f7c363dc0da55241ec1d97b", 0xd6}, {&(0x7f0000000340)="77a841e4d9aa8a158e7785f3ddbbc2a8821606282b01260d16a74edb09dbe0d350cb95ed7bdc44c46fd75a40c9bd3a9672ac61e390de5b1158ed900f471501da829d0a9e7c89d6133fb8db", 0x4b}, {&(0x7f00000003c0)="94ea8c53b91a0dec7c1eed18c481de6d05bca48959447ea3fe2726b397decaa75797dadf7ff7aec6042a996d16a76bbe78422ac8fb8da7f126762f66f7e4aa4ddbe55e1b83ea4a1b543b82811999850c3d18b4d1134fbf7b9e638e71b577d47712a55ba79b91c20eafea77de09f76be1dc09cf6965091469d1f5f6b88df3a3bc19063b6466d390d3c1e530446215cdd095bc21ff638ad846075213122189e93a4d009200104b6cf871f3a2c36ccdf93fcff3407ca36feb2488d0e6ddb9c9709915c9c7a3e905bb0ba800d5127bff5dd06b9cfe4de9530c2c0b2e1f578f426c69944c26dcaf54159856cf8c9a169546a1fa59e87f759cc03c3fc2c9e186edb3ae0c27880289c0f7b52da7feb6e8bbfaf6bce2c32e69ba61ef3aa418c115ebddd1c01541f7e8c4451444045b525560ee6bd9fcb28084a5ce9ffb8bbf529fe66216e6b4cd0c427882262afcc0b829e46881693ddc7aecb6e9b3d66c3ac223a43358b841d421ad1d378ee6789512ee237de757c8e21234a7699839f0bcc9acdcd16d19776c32968771f9be8bb95a5c6c8812556ae9a8ec328e009127bf4068b9e6eb032d0c3348bee4802bec20da445d419a62dde19566e5c03279be2896d905ad51336cf6c4d84bbc2cd43c3e5ed4701700273bbfb68ad12915e89e9bb5158673275e08b994e923e844652fc6a05af4c15d3a453d9152df7bd4153584bffa51ce848639d51ebd367616605e83a25caf3a87fa83cfc9e6636a81cabc1e84aac677bc9f3ef8ca5695bc87fd504c669c1fc6bea410e1d7e464a189d9b4dbb6921f1e29024ca8136314842ab153794f62e6fb64f16951d8aabf02583a69b59bd5e477fc6bf5919595f9a266d1c485fe43021139145dca2d652cc136b50c2b2df0b9cbd57f32a7620ae26e6ec2d25dd371189a49af434067c03d799770edf2b03f06b963f8b4856d92364ee33b13a9d9d9edc62304b8fe2082083a82e3b95dd55118d5533fbd847d2728f36f1df09c318d44e6895b03d55bceecb48d22caf5cb51772c3107629f258a1ba5eafb18e3fdcbe35708e380081c1ec16af0967842e72a432e0e5ecc464ddcbed7edc7b8f9f08cf3919d77c6b6798da95afee6473b3d6bcd494f51c227b8cfa26e1282a0ce9a830796e2589d8ce21e62c2c7b61ca7dba909885b0acaed902cfafdf759664ff24bd9c01982eacb1eaf2451c4ed7b35ff3d1695088b796cdb98a2742f0038209e57cfda33de2f23fb4ff7e8dd0be9859bea21d3d24e5554b2f1ab40053a115e808edf25a4d231b22c07d98269f98125fcbad42f81fd7c5083df4264a39330a51b95a78723a1d42e71237ce9254f76d5cd7d0c457f64d8d9ac3dba9720fb79cb4cf9cf002d1b21d0b82490c12c60d9ba490e5eb10001c7356be340e67319db255238da8a819cf10a8b57181b3612ba584bb7b1ce5a36f0b351db034295dcb75287456bdd91eb3f62ad329df151abf04ed2f53945c50a6d8b8ec449d62e3b25a50fae83ce708a1078b28af8b857b11d55e421f72ff4eb1232750607a727f67dbd01cf6a66c3a1485b4070a7ce122ddd254a441a5d4652580889", 0x464}], 0x4, &(0x7f0000001440)=[@dstopts_2292={{0x30, 0x29, 0x3, {0x0, 0x2, '\x00', [@hao={0xc9, 0x10, @mcast2}]}}}], 0x30}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="e6", 0x1}], 0x1}}], 0x4000393, 0x2004c840)
io_submit(0x0, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f00000008c0), 0x0, 0x400040)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xd9f, 0x0)

00:23:49 executing program 5:
utimes(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_nlink(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000140)={'U+', 0x4}, 0x16, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c, &(0x7f00000013c0)=[{&(0x7f00000001c0)="85525f6b0196a105342ca2c910a031", 0xf}, {&(0x7f0000000240)="f1348694b932cfbbab283c8be2797df57e39d64989c3ed83d71c62f61bd032ff68bb18ff40a18a99d2ac03bb6cdc09e8ce6ad932837d6e0612e0b53cb78c0bd7d52a40d252ced3da01379a62632d2267e555bac364a3df956f9850e36c87cbba70bd66da0f2356d01d32985012495b59a7e4e4cdc7313cb7b12890e00365d574c6804c34f31598df58f49d03845ca84d40b0b46e77f7b64e908d25f5eee7e8235adcf69adf030b73ca8e9d1c959b3994383824978102647ef1d1b0f16b762f26be7cdeb4325f3a383ee43f7c363dc0da55241ec1d97b", 0xd6}, {&(0x7f0000000340)="77a841e4d9aa8a158e7785f3ddbbc2a8821606282b01260d16a74edb09dbe0d350cb95ed7bdc44c46fd75a40c9bd3a9672ac61e390de5b1158ed900f471501da829d0a9e7c89d6133fb8db", 0x4b}, {&(0x7f00000003c0)="94ea8c53b91a0dec7c1eed18c481de6d05bca48959447ea3fe2726b397decaa75797dadf7ff7aec6042a996d16a76bbe78422ac8fb8da7f126762f66f7e4aa4ddbe55e1b83ea4a1b543b82811999850c3d18b4d1134fbf7b9e638e71b577d47712a55ba79b91c20eafea77de09f76be1dc09cf6965091469d1f5f6b88df3a3bc19063b6466d390d3c1e530446215cdd095bc21ff638ad846075213122189e93a4d009200104b6cf871f3a2c36ccdf93fcff3407ca36feb2488d0e6ddb9c9709915c9c7a3e905bb0ba800d5127bff5dd06b9cfe4de9530c2c0b2e1f578f426c69944c26dcaf54159856cf8c9a169546a1fa59e87f759cc03c3fc2c9e186edb3ae0c27880289c0f7b52da7feb6e8bbfaf6bce2c32e69ba61ef3aa418c115ebddd1c01541f7e8c4451444045b525560ee6bd9fcb28084a5ce9ffb8bbf529fe66216e6b4cd0c427882262afcc0b829e46881693ddc7aecb6e9b3d66c3ac223a43358b841d421ad1d378ee6789512ee237de757c8e21234a7699839f0bcc9acdcd16d19776c32968771f9be8bb95a5c6c8812556ae9a8ec328e009127bf4068b9e6eb032d0c3348bee4802bec20da445d419a62dde19566e5c03279be2896d905ad51336cf6c4d84bbc2cd43c3e5ed4701700273bbfb68ad12915e89e9bb5158673275e08b994e923e844652fc6a05af4c15d3a453d9152df7bd4153584bffa51ce848639d51ebd367616605e83a25caf3a87fa83cfc9e6636a81cabc1e84aac677bc9f3ef8ca5695bc87fd504c669c1fc6bea410e1d7e464a189d9b4dbb6921f1e29024ca8136314842ab153794f62e6fb64f16951d8aabf02583a69b59bd5e477fc6bf5919595f9a266d1c485fe43021139145dca2d652cc136b50c2b2df0b9cbd57f32a7620ae26e6ec2d25dd371189a49af434067c03d799770edf2b03f06b963f8b4856d92364ee33b13a9d9d9edc62304b8fe2082083a82e3b95dd55118d5533fbd847d2728f36f1df09c318d44e6895b03d55bceecb48d22caf5cb51772c3107629f258a1ba5eafb18e3fdcbe35708e380081c1ec16af0967842e72a432e0e5ecc464ddcbed7edc7b8f9f08cf3919d77c6b6798da95afee6473b3d6bcd494f51c227b8cfa26e1282a0ce9a830796e2589d8ce21e62c2c7b61ca7dba909885b0acaed902cfafdf759664ff24bd9c01982eacb1eaf2451c4ed7b35ff3d1695088b796cdb98a2742f0038209e57cfda33de2f23fb4ff7e8dd0be9859bea21d3d24e5554b2f1ab40053a115e808edf25a4d231b22c07d98269f98125fcbad42f81fd7c5083df4264a39330a51b95a78723a1d42e71237ce9254f76d5cd7d0c457f64d8d9ac3dba9720fb79cb4cf9cf002d1b21d0b82490c12c60d9ba490e5eb10001c7356be340e67319db255238da8a819cf10a8b57181b3612ba584bb7b1ce5a36f0b351db034295dcb75287456bdd91eb3f62ad329df151abf04ed2f53945c50a6d8b8ec449d62e3b25a50fae83ce708a1078b28af8b857b11d55e421f72ff4eb1232750607a727f67dbd01cf6a66c3a1485b4070a7ce122ddd254a441a5d4652580889", 0x464}], 0x4, &(0x7f0000001440)=[@dstopts_2292={{0x30, 0x29, 0x3, {0x0, 0x2, '\x00', [@hao={0xc9, 0x10, @mcast2}]}}}], 0x30}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="e6", 0x1}], 0x1}}], 0x4000393, 0x2004c840)
io_submit(0x0, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f00000008c0), 0x0, 0x400040)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xd9f, 0x0)

[  246.241409][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  246.256553][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:49 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newsa={0x180, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x6c}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @algo_auth={0x48, 0x2, {{'blake2b-256\x00'}}}]}, 0x180}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(r1, &(0x7f0000000180), 0xf1, 0x0)

00:23:49 executing program 1:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x141800, 0x0)
read$rfkill(r0, 0x0, 0x0)

00:23:49 executing program 4:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r0, 0x5405, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "42331cba18d8023a"})

00:23:49 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7ff}, 0x17f)
write(0xffffffffffffffff, &(0x7f0000000180)="1d0000004a005f6841f9f424000904000a", 0xfffffdd8)
splice(r0, 0x0, r1, 0x0, 0xfffd, 0x0)

00:23:49 executing program 2:
utimes(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_nlink(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000140)={'U+', 0x4}, 0x16, 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000025c0)=[{{&(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev}, 0x1c, &(0x7f00000013c0)=[{&(0x7f00000001c0)="85525f6b0196a105342ca2c910a031", 0xf}, {&(0x7f0000000240)="f1348694b932cfbbab283c8be2797df57e39d64989c3ed83d71c62f61bd032ff68bb18ff40a18a99d2ac03bb6cdc09e8ce6ad932837d6e0612e0b53cb78c0bd7d52a40d252ced3da01379a62632d2267e555bac364a3df956f9850e36c87cbba70bd66da0f2356d01d32985012495b59a7e4e4cdc7313cb7b12890e00365d574c6804c34f31598df58f49d03845ca84d40b0b46e77f7b64e908d25f5eee7e8235adcf69adf030b73ca8e9d1c959b3994383824978102647ef1d1b0f16b762f26be7cdeb4325f3a383ee43f7c363dc0da55241ec1d97b", 0xd6}, {&(0x7f0000000340)="77a841e4d9aa8a158e7785f3ddbbc2a8821606282b01260d16a74edb09dbe0d350cb95ed7bdc44c46fd75a40c9bd3a9672ac61e390de5b1158ed900f471501da829d0a9e7c89d6133fb8db", 0x4b}, {&(0x7f00000003c0)="94ea8c53b91a0dec7c1eed18c481de6d05bca48959447ea3fe2726b397decaa75797dadf7ff7aec6042a996d16a76bbe78422ac8fb8da7f126762f66f7e4aa4ddbe55e1b83ea4a1b543b82811999850c3d18b4d1134fbf7b9e638e71b577d47712a55ba79b91c20eafea77de09f76be1dc09cf6965091469d1f5f6b88df3a3bc19063b6466d390d3c1e530446215cdd095bc21ff638ad846075213122189e93a4d009200104b6cf871f3a2c36ccdf93fcff3407ca36feb2488d0e6ddb9c9709915c9c7a3e905bb0ba800d5127bff5dd06b9cfe4de9530c2c0b2e1f578f426c69944c26dcaf54159856cf8c9a169546a1fa59e87f759cc03c3fc2c9e186edb3ae0c27880289c0f7b52da7feb6e8bbfaf6bce2c32e69ba61ef3aa418c115ebddd1c01541f7e8c4451444045b525560ee6bd9fcb28084a5ce9ffb8bbf529fe66216e6b4cd0c427882262afcc0b829e46881693ddc7aecb6e9b3d66c3ac223a43358b841d421ad1d378ee6789512ee237de757c8e21234a7699839f0bcc9acdcd16d19776c32968771f9be8bb95a5c6c8812556ae9a8ec328e009127bf4068b9e6eb032d0c3348bee4802bec20da445d419a62dde19566e5c03279be2896d905ad51336cf6c4d84bbc2cd43c3e5ed4701700273bbfb68ad12915e89e9bb5158673275e08b994e923e844652fc6a05af4c15d3a453d9152df7bd4153584bffa51ce848639d51ebd367616605e83a25caf3a87fa83cfc9e6636a81cabc1e84aac677bc9f3ef8ca5695bc87fd504c669c1fc6bea410e1d7e464a189d9b4dbb6921f1e29024ca8136314842ab153794f62e6fb64f16951d8aabf02583a69b59bd5e477fc6bf5919595f9a266d1c485fe43021139145dca2d652cc136b50c2b2df0b9cbd57f32a7620ae26e6ec2d25dd371189a49af434067c03d799770edf2b03f06b963f8b4856d92364ee33b13a9d9d9edc62304b8fe2082083a82e3b95dd55118d5533fbd847d2728f36f1df09c318d44e6895b03d55bceecb48d22caf5cb51772c3107629f258a1ba5eafb18e3fdcbe35708e380081c1ec16af0967842e72a432e0e5ecc464ddcbed7edc7b8f9f08cf3919d77c6b6798da95afee6473b3d6bcd494f51c227b8cfa26e1282a0ce9a830796e2589d8ce21e62c2c7b61ca7dba909885b0acaed902cfafdf759664ff24bd9c01982eacb1eaf2451c4ed7b35ff3d1695088b796cdb98a2742f0038209e57cfda33de2f23fb4ff7e8dd0be9859bea21d3d24e5554b2f1ab40053a115e808edf25a4d231b22c07d98269f98125fcbad42f81fd7c5083df4264a39330a51b95a78723a1d42e71237ce9254f76d5cd7d0c457f64d8d9ac3dba9720fb79cb4cf9cf002d1b21d0b82490c12c60d9ba490e5eb10001c7356be340e67319db255238da8a819cf10a8b57181b3612ba584bb7b1ce5a36f0b351db034295dcb75287456bdd91eb3f62ad329df151abf04ed2f53945c50a6d8b8ec449d62e3b25a50fae83ce708a1078b28af8b857b11d55e421f72ff4eb1232750607a727f67dbd01cf6a66c3a1485b4070a7ce122ddd254a441a5d4652580889", 0x464}], 0x4, &(0x7f0000001440)=[@dstopts_2292={{0x30, 0x29, 0x3, {0x0, 0x2, '\x00', [@hao={0xc9, 0x10, @mcast2}]}}}], 0x30}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001500)="e6", 0x1}], 0x1}}], 0x4000393, 0x2004c840)
io_submit(0x0, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f00000008c0), 0x0, 0x400040)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xd9f, 0x0)

00:23:49 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x2400}, 0x0)

[  246.341392][ T1033]  loop1: p2 < > p3 p4
[  246.345613][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  246.353243][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  246.359456][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  246.416950][ T1033]  loop2: p2 < > p3 p4
[  246.432225][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  246.450153][T19252] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.0'.
00:23:49 executing program 1:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x141800, 0x0)
read$rfkill(r0, 0x0, 0x0)

00:23:49 executing program 2:
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000100)=0x1)
write(r0, &(0x7f0000001400)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e97ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc34575db414ea42ad87a65b11ae5506469db256c421328f45aec73bdf18562447dc2840bbe9fc84dedd0fe6276fa174f21210d40193530ec7a70a9e60bfd6b00cba4d483be59950f16fa0dbd089b5fd0bb078badfcf42270cc62fe37be22b0d81f755263d74636fa466d2574ca62b58c649936d21e949de73ea45df3acade6609413f56fc218d6f11947bf1fd629d38d8acce90ee3c1a51117601ae126bec537e3e76ce7ecc53cfeefee8aaa104aa853a65aadf27bac9849ee0122793b11cd8e4f32fb07afa39e439cb738c30a6df958160aac15c26032a61aaf614b2e6601581fb0ab8d115e045005dee3df8ea42643cbcbb0b111130c42c94b7e874cfee50d5c2eb13b3a38c417fce9d740b7d43120431a7d44bc3934ee87b112401cbee3553837b6a0b4b3faaceb46eca4064301c8060870350e256ac9d5557f674536b9d9717a82fa211e7dfb52ca410d8a4f2f6b733c2a082f247538a6c40f56cf64204e62515db692f32733ff6f4b0787ef305d5e80881375467ae603ac3600e688c42f89a4fea4fdda09a8d59e19457c654a98c8129a8c65bae3310af2b170729e18400c915d0a2f4c4fc51747846630b95ec181228bda7ef48ad389815aa82de6c4a3b0746c28c01f9ec697ff17f095e1cf9d2fe78fdab9cbb1ca7aefc8af6a0cd98444735fad79e394a8f9c2fd358c3cde4ca6d57a620d0bb52dc6ff93f034b596f407c21511cc2c5ec8b0ede7f5c0acca61939ac7f2cad820c15133e69507eaa739e9a88936f4a74f0ad1574a1591f31f582a76157d89805cb3ba5e8d10509bf7a08e928653b4f05ba797a06765b74c8759fc34178624c08a2b99e59bcff5d33af2b0f9176b56c35f4da31c751a4c2fd88a1997cd9fc9bbf78220731d4c8cea23be1fd29c36b34d8458b7021ebcfafdc7e54096e517da3eb684298f742532d776164d9c9658e5faca0a3b08afca1bc27ed357884f49fe51bd0c38057f4288f1917e36e3865310b5eed140aef6150ae363293cf7467abd5e06cd7af5e2c49e7c5253a1155741e380bccb023a0faed93d9a64512d72436f1ef4ac0904a413e45164c23413bd57274a0a951c41a9a43aed094d4ea5c480ce64663cc9d36723179e2b19a48e9277a6591bbd888a06e0f2f142cd4495be4ba7274d69ba32a2788b935b2f18c5f336cb9de062829e2e0bb476efb36c3f53a766c14314f31637a464ac59d378ad7f51bef8d88715613653a427038e0d3e4dc3948bb1d70eb55c91c92f7510b1c0387253b458d2c90d17238f9eb239c680179a6c1e0759be367963e3b4d7395fd3911626582a094e6a8d0e746242f94267a4c57d5b2360ce3a6f7f3e3c10e124a54ed24d1585bc7b731cf731c94ee00ebf070b999b9bf28d76bfec9dcf12fcce2b9c4444c706ec6b943b5f39e9151a764ba1cd0cd6c1c7cdc3aa824cf17da705be27a18fbee41be39d6ae4dd4312f5f4bfee2c5bb21d941666f9d79b0f80c9b1bace84a05d2b0e3be1c3fd04d72b4b0124595c435813969d413960fddc858730a433383f3bc0472cb7683ea569e001f00"/3584, 0xe00)
sendfile(r0, r0, 0x0, 0x11f07)

00:23:49 executing program 4:
r0 = perf_event_open(&(0x7f0000001140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ID(r0, 0x4008240b, &(0x7f0000000040))

00:23:49 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x2400}, 0x0)

00:23:49 executing program 1:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x141800, 0x0)
read$rfkill(r0, 0x0, 0x0)

[  246.465586][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  246.471834][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:49 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x0, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast2}, &(0x7f0000000140)=0x20)

[  246.558312][ T1033]  loop1: p2 < > p3 p4
[  246.570838][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  246.591732][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  246.597917][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:23:50 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newsa={0x180, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x6c}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @algo_auth={0x48, 0x2, {{'blake2b-256\x00'}}}]}, 0x180}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(r1, &(0x7f0000000180), 0xf1, 0x0)

00:23:50 executing program 4:
r0 = perf_event_open(&(0x7f0000001140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ID(r0, 0x4008240b, &(0x7f0000000040))

00:23:50 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x2400}, 0x0)

00:23:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$inet(0x10, 0x80003, 0x0)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000180003041dfffd946f6105000214010a1f0000080c100800080012000a000000140000001a00ffffba16a0aa1c0900000a000000", 0x38}], 0x1}, 0x0)

00:23:50 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x0, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast2}, &(0x7f0000000140)=0x20)

00:23:50 executing program 2:
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000100)=0x1)
write(r0, &(0x7f0000001400)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e97ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc34575db414ea42ad87a65b11ae5506469db256c421328f45aec73bdf18562447dc2840bbe9fc84dedd0fe6276fa174f21210d40193530ec7a70a9e60bfd6b00cba4d483be59950f16fa0dbd089b5fd0bb078badfcf42270cc62fe37be22b0d81f755263d74636fa466d2574ca62b58c649936d21e949de73ea45df3acade6609413f56fc218d6f11947bf1fd629d38d8acce90ee3c1a51117601ae126bec537e3e76ce7ecc53cfeefee8aaa104aa853a65aadf27bac9849ee0122793b11cd8e4f32fb07afa39e439cb738c30a6df958160aac15c26032a61aaf614b2e6601581fb0ab8d115e045005dee3df8ea42643cbcbb0b111130c42c94b7e874cfee50d5c2eb13b3a38c417fce9d740b7d43120431a7d44bc3934ee87b112401cbee3553837b6a0b4b3faaceb46eca4064301c8060870350e256ac9d5557f674536b9d9717a82fa211e7dfb52ca410d8a4f2f6b733c2a082f247538a6c40f56cf64204e62515db692f32733ff6f4b0787ef305d5e80881375467ae603ac3600e688c42f89a4fea4fdda09a8d59e19457c654a98c8129a8c65bae3310af2b170729e18400c915d0a2f4c4fc51747846630b95ec181228bda7ef48ad389815aa82de6c4a3b0746c28c01f9ec697ff17f095e1cf9d2fe78fdab9cbb1ca7aefc8af6a0cd98444735fad79e394a8f9c2fd358c3cde4ca6d57a620d0bb52dc6ff93f034b596f407c21511cc2c5ec8b0ede7f5c0acca61939ac7f2cad820c15133e69507eaa739e9a88936f4a74f0ad1574a1591f31f582a76157d89805cb3ba5e8d10509bf7a08e928653b4f05ba797a06765b74c8759fc34178624c08a2b99e59bcff5d33af2b0f9176b56c35f4da31c751a4c2fd88a1997cd9fc9bbf78220731d4c8cea23be1fd29c36b34d8458b7021ebcfafdc7e54096e517da3eb684298f742532d776164d9c9658e5faca0a3b08afca1bc27ed357884f49fe51bd0c38057f4288f1917e36e3865310b5eed140aef6150ae363293cf7467abd5e06cd7af5e2c49e7c5253a1155741e380bccb023a0faed93d9a64512d72436f1ef4ac0904a413e45164c23413bd57274a0a951c41a9a43aed094d4ea5c480ce64663cc9d36723179e2b19a48e9277a6591bbd888a06e0f2f142cd4495be4ba7274d69ba32a2788b935b2f18c5f336cb9de062829e2e0bb476efb36c3f53a766c14314f31637a464ac59d378ad7f51bef8d88715613653a427038e0d3e4dc3948bb1d70eb55c91c92f7510b1c0387253b458d2c90d17238f9eb239c680179a6c1e0759be367963e3b4d7395fd3911626582a094e6a8d0e746242f94267a4c57d5b2360ce3a6f7f3e3c10e124a54ed24d1585bc7b731cf731c94ee00ebf070b999b9bf28d76bfec9dcf12fcce2b9c4444c706ec6b943b5f39e9151a764ba1cd0cd6c1c7cdc3aa824cf17da705be27a18fbee41be39d6ae4dd4312f5f4bfee2c5bb21d941666f9d79b0f80c9b1bace84a05d2b0e3be1c3fd04d72b4b0124595c435813969d413960fddc858730a433383f3bc0472cb7683ea569e001f00"/3584, 0xe00)
sendfile(r0, r0, 0x0, 0x11f07)

[  246.617623][ T1033]  loop5: p2 < > p3 p4
[  246.621994][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  246.630992][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  246.637171][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:50 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x0, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast2}, &(0x7f0000000140)=0x20)

00:23:50 executing program 2:
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000100)=0x1)
write(r0, &(0x7f0000001400)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e97ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc34575db414ea42ad87a65b11ae5506469db256c421328f45aec73bdf18562447dc2840bbe9fc84dedd0fe6276fa174f21210d40193530ec7a70a9e60bfd6b00cba4d483be59950f16fa0dbd089b5fd0bb078badfcf42270cc62fe37be22b0d81f755263d74636fa466d2574ca62b58c649936d21e949de73ea45df3acade6609413f56fc218d6f11947bf1fd629d38d8acce90ee3c1a51117601ae126bec537e3e76ce7ecc53cfeefee8aaa104aa853a65aadf27bac9849ee0122793b11cd8e4f32fb07afa39e439cb738c30a6df958160aac15c26032a61aaf614b2e6601581fb0ab8d115e045005dee3df8ea42643cbcbb0b111130c42c94b7e874cfee50d5c2eb13b3a38c417fce9d740b7d43120431a7d44bc3934ee87b112401cbee3553837b6a0b4b3faaceb46eca4064301c8060870350e256ac9d5557f674536b9d9717a82fa211e7dfb52ca410d8a4f2f6b733c2a082f247538a6c40f56cf64204e62515db692f32733ff6f4b0787ef305d5e80881375467ae603ac3600e688c42f89a4fea4fdda09a8d59e19457c654a98c8129a8c65bae3310af2b170729e18400c915d0a2f4c4fc51747846630b95ec181228bda7ef48ad389815aa82de6c4a3b0746c28c01f9ec697ff17f095e1cf9d2fe78fdab9cbb1ca7aefc8af6a0cd98444735fad79e394a8f9c2fd358c3cde4ca6d57a620d0bb52dc6ff93f034b596f407c21511cc2c5ec8b0ede7f5c0acca61939ac7f2cad820c15133e69507eaa739e9a88936f4a74f0ad1574a1591f31f582a76157d89805cb3ba5e8d10509bf7a08e928653b4f05ba797a06765b74c8759fc34178624c08a2b99e59bcff5d33af2b0f9176b56c35f4da31c751a4c2fd88a1997cd9fc9bbf78220731d4c8cea23be1fd29c36b34d8458b7021ebcfafdc7e54096e517da3eb684298f742532d776164d9c9658e5faca0a3b08afca1bc27ed357884f49fe51bd0c38057f4288f1917e36e3865310b5eed140aef6150ae363293cf7467abd5e06cd7af5e2c49e7c5253a1155741e380bccb023a0faed93d9a64512d72436f1ef4ac0904a413e45164c23413bd57274a0a951c41a9a43aed094d4ea5c480ce64663cc9d36723179e2b19a48e9277a6591bbd888a06e0f2f142cd4495be4ba7274d69ba32a2788b935b2f18c5f336cb9de062829e2e0bb476efb36c3f53a766c14314f31637a464ac59d378ad7f51bef8d88715613653a427038e0d3e4dc3948bb1d70eb55c91c92f7510b1c0387253b458d2c90d17238f9eb239c680179a6c1e0759be367963e3b4d7395fd3911626582a094e6a8d0e746242f94267a4c57d5b2360ce3a6f7f3e3c10e124a54ed24d1585bc7b731cf731c94ee00ebf070b999b9bf28d76bfec9dcf12fcce2b9c4444c706ec6b943b5f39e9151a764ba1cd0cd6c1c7cdc3aa824cf17da705be27a18fbee41be39d6ae4dd4312f5f4bfee2c5bb21d941666f9d79b0f80c9b1bace84a05d2b0e3be1c3fd04d72b4b0124595c435813969d413960fddc858730a433383f3bc0472cb7683ea569e001f00"/3584, 0xe00)
sendfile(r0, r0, 0x0, 0x11f07)

00:23:50 executing program 4:
r0 = perf_event_open(&(0x7f0000001140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ID(r0, 0x4008240b, &(0x7f0000000040))

00:23:50 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x2400}, 0x0)

00:23:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$inet(0x10, 0x80003, 0x0)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000180003041dfffd946f6105000214010a1f0000080c100800080012000a000000140000001a00ffffba16a0aa1c0900000a000000", 0x38}], 0x1}, 0x0)

[  246.712090][ T1033]  loop1: p2 < > p3 p4
[  246.730691][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
00:23:50 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x0, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast2}, &(0x7f0000000140)=0x20)

[  246.765319][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  246.771601][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  246.823266][ T1033]  loop1: p2 < > p3 p4
[  246.831251][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  246.843345][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  246.849668][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  246.880884][ T1033]  loop1: p2 < > p3 p4
[  246.885078][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  246.891873][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  246.898130][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:23:50 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newsa={0x180, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x6c}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @algo_auth={0x48, 0x2, {{'blake2b-256\x00'}}}]}, 0x180}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(r1, &(0x7f0000000180), 0xf1, 0x0)

00:23:50 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x0, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast2}, &(0x7f0000000140)=0x20)

00:23:50 executing program 4:
r0 = perf_event_open(&(0x7f0000001140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ID(r0, 0x4008240b, &(0x7f0000000040))

00:23:50 executing program 2:
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000100)=0x1)
write(r0, &(0x7f0000001400)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e97ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc34575db414ea42ad87a65b11ae5506469db256c421328f45aec73bdf18562447dc2840bbe9fc84dedd0fe6276fa174f21210d40193530ec7a70a9e60bfd6b00cba4d483be59950f16fa0dbd089b5fd0bb078badfcf42270cc62fe37be22b0d81f755263d74636fa466d2574ca62b58c649936d21e949de73ea45df3acade6609413f56fc218d6f11947bf1fd629d38d8acce90ee3c1a51117601ae126bec537e3e76ce7ecc53cfeefee8aaa104aa853a65aadf27bac9849ee0122793b11cd8e4f32fb07afa39e439cb738c30a6df958160aac15c26032a61aaf614b2e6601581fb0ab8d115e045005dee3df8ea42643cbcbb0b111130c42c94b7e874cfee50d5c2eb13b3a38c417fce9d740b7d43120431a7d44bc3934ee87b112401cbee3553837b6a0b4b3faaceb46eca4064301c8060870350e256ac9d5557f674536b9d9717a82fa211e7dfb52ca410d8a4f2f6b733c2a082f247538a6c40f56cf64204e62515db692f32733ff6f4b0787ef305d5e80881375467ae603ac3600e688c42f89a4fea4fdda09a8d59e19457c654a98c8129a8c65bae3310af2b170729e18400c915d0a2f4c4fc51747846630b95ec181228bda7ef48ad389815aa82de6c4a3b0746c28c01f9ec697ff17f095e1cf9d2fe78fdab9cbb1ca7aefc8af6a0cd98444735fad79e394a8f9c2fd358c3cde4ca6d57a620d0bb52dc6ff93f034b596f407c21511cc2c5ec8b0ede7f5c0acca61939ac7f2cad820c15133e69507eaa739e9a88936f4a74f0ad1574a1591f31f582a76157d89805cb3ba5e8d10509bf7a08e928653b4f05ba797a06765b74c8759fc34178624c08a2b99e59bcff5d33af2b0f9176b56c35f4da31c751a4c2fd88a1997cd9fc9bbf78220731d4c8cea23be1fd29c36b34d8458b7021ebcfafdc7e54096e517da3eb684298f742532d776164d9c9658e5faca0a3b08afca1bc27ed357884f49fe51bd0c38057f4288f1917e36e3865310b5eed140aef6150ae363293cf7467abd5e06cd7af5e2c49e7c5253a1155741e380bccb023a0faed93d9a64512d72436f1ef4ac0904a413e45164c23413bd57274a0a951c41a9a43aed094d4ea5c480ce64663cc9d36723179e2b19a48e9277a6591bbd888a06e0f2f142cd4495be4ba7274d69ba32a2788b935b2f18c5f336cb9de062829e2e0bb476efb36c3f53a766c14314f31637a464ac59d378ad7f51bef8d88715613653a427038e0d3e4dc3948bb1d70eb55c91c92f7510b1c0387253b458d2c90d17238f9eb239c680179a6c1e0759be367963e3b4d7395fd3911626582a094e6a8d0e746242f94267a4c57d5b2360ce3a6f7f3e3c10e124a54ed24d1585bc7b731cf731c94ee00ebf070b999b9bf28d76bfec9dcf12fcce2b9c4444c706ec6b943b5f39e9151a764ba1cd0cd6c1c7cdc3aa824cf17da705be27a18fbee41be39d6ae4dd4312f5f4bfee2c5bb21d941666f9d79b0f80c9b1bace84a05d2b0e3be1c3fd04d72b4b0124595c435813969d413960fddc858730a433383f3bc0472cb7683ea569e001f00"/3584, 0xe00)
sendfile(r0, r0, 0x0, 0x11f07)

00:23:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$inet(0x10, 0x80003, 0x0)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000180003041dfffd946f6105000214010a1f0000080c100800080012000a000000140000001a00ffffba16a0aa1c0900000a000000", 0x38}], 0x1}, 0x0)

00:23:50 executing program 0:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x6, 0x0, 0x0, 0x0, 0x0, "8dda04075b3c7d00002c00"})

[  246.938415][ T1033]  loop2: p2 < > p3 p4
00:23:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$inet(0x10, 0x80003, 0x0)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000180003041dfffd946f6105000214010a1f0000080c100800080012000a000000140000001a00ffffba16a0aa1c0900000a000000", 0x38}], 0x1}, 0x0)

00:23:50 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x0, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast2}, &(0x7f0000000140)=0x20)

00:23:50 executing program 0:
prlimit64(0x0, 0x7, &(0x7f0000000080)={0x0, 0x80000001000000}, 0x0)

00:23:50 executing program 4:
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="00040000000000000a00000000000000ff"], 0x90)

[  246.961764][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  246.977745][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  246.983951][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:50 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newae={0x40, 0x1e, 0xe21, 0x0, 0x0, {{@in6=@local}, @in=@multicast1}}, 0x40}}, 0x0)

00:23:50 executing program 1:
unshare(0x40400)
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r0, 0x40189206, 0x0)

[  247.068733][ T1033]  loop5: p2 < > p3 p4
[  247.084663][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  247.105778][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  247.112296][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  247.138925][ T1033]  loop5: p2 < > p3 p4
[  247.143174][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  247.150554][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  247.156783][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:50 executing program 1:
unshare(0x40400)
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r0, 0x40189206, 0x0)

00:23:50 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x0, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast2}, &(0x7f0000000140)=0x20)

00:23:50 executing program 0:
prlimit64(0x0, 0x7, &(0x7f0000000080)={0x0, 0x80000001000000}, 0x0)

00:23:50 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newae={0x40, 0x1e, 0xe21, 0x0, 0x0, {{@in6=@local}, @in=@multicast1}}, 0x40}}, 0x0)

00:23:50 executing program 4:
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="00040000000000000a00000000000000ff"], 0x90)

00:23:50 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094d2f055de8098ab5bfbe42829a773c0c9605aa0bba5fd63343239d4a279d31a0c5f2386191c7aee3115ef0441c40671bec467d4182e6eb56585656007a1062c4b64862cff00b01e1855ef88b9bbcea4", 0x57}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x5)
tkill(r1, 0x34)
ptrace$cont(0x18, r1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
exit_group(0x0)

[  247.174062][ T1033]  loop2: p2 < > p3 p4
[  247.178166][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  247.185412][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  247.191573][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:50 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x20, 0x4)

00:23:50 executing program 1:
unshare(0x40400)
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r0, 0x40189206, 0x0)

00:23:50 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094d2f055de8098ab5bfbe42829a773c0c9605aa0bba5fd63343239d4a279d31a0c5f2386191c7aee3115ef0441c40671bec467d4182e6eb56585656007a1062c4b64862cff00b01e1855ef88b9bbcea4", 0x57}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x5)
tkill(r1, 0x34)
ptrace$cont(0x18, r1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:23:50 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newae={0x40, 0x1e, 0xe21, 0x0, 0x0, {{@in6=@local}, @in=@multicast1}}, 0x40}}, 0x0)

00:23:50 executing program 4:
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="00040000000000000a00000000000000ff"], 0x90)

00:23:50 executing program 0:
prlimit64(0x0, 0x7, &(0x7f0000000080)={0x0, 0x80000001000000}, 0x0)

00:23:50 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x20, 0x4)

[  247.269311][ T1033]  loop1: p2 < > p3 p4
[  247.287513][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  247.306008][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  247.312388][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:23:50 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094d2f055de8098ab5bfbe42829a773c0c9605aa0bba5fd63343239d4a279d31a0c5f2386191c7aee3115ef0441c40671bec467d4182e6eb56585656007a1062c4b64862cff00b01e1855ef88b9bbcea4", 0x57}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x5)
tkill(r1, 0x34)
ptrace$cont(0x18, r1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:23:50 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newae={0x40, 0x1e, 0xe21, 0x0, 0x0, {{@in6=@local}, @in=@multicast1}}, 0x40}}, 0x0)

00:23:50 executing program 0:
prlimit64(0x0, 0x7, &(0x7f0000000080)={0x0, 0x80000001000000}, 0x0)

00:23:50 executing program 4:
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="00040000000000000a00000000000000ff"], 0x90)

00:23:50 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094d2f055de8098ab5bfbe42829a773c0c9605aa0bba5fd63343239d4a279d31a0c5f2386191c7aee3115ef0441c40671bec467d4182e6eb56585656007a1062c4b64862cff00b01e1855ef88b9bbcea4", 0x57}], 0x4, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x5)
tkill(r1, 0x34)
ptrace$cont(0x18, r1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:23:50 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x20, 0x4)

00:23:50 executing program 1:
unshare(0x40400)
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r0, 0x40189206, 0x0)

00:23:50 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000080), 0x4)

00:23:50 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
r2 = fork()
ptrace(0x10, r2)

00:23:50 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x19}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x70, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x4}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}]}, 0x12c}}, 0x0)

[  247.399916][ T1033]  loop5: p2 < > p3 p4
[  247.404274][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  247.430519][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  247.436837][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000000)={0x0, 0xfffffffd, 0x0, 0x0, 0x0, "fd21aa391373d1e6c52c92d86666c60eb3b70d"})
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x2)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000200)=0x1)
write(r1, &(0x7f0000000180)="b63db85e1e8d020000000000003ef0011dcc606a010000807018cebc9b97ae21b14d872c678ce22c94160096aa1fae1aaf84c4288f4f1749057306da365999d9b3b3d276365889c8", 0x48)
read(r1, &(0x7f0000000000)=""/103, 0x20000024)

00:23:50 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800001, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clock_adjtime(0x0, &(0x7f0000000080))

[  247.503960][ T1033]  loop2: p2 < > p3 p4
[  247.509822][T19448] sg_write: data in/out 167162/24 bytes for SCSI command 0x67-- guessing data in;
[  247.509822][T19448]    program syz-executor.0 not setting count and/or reply_len properly
[  247.518246][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  247.537031][T19451] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19451 comm=syz-executor.3
[  247.557807][T19451] validate_nla: 6 callbacks suppressed
[  247.557819][T19451] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  247.571418][T19451] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  247.579496][T19451] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  247.587549][T19451] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  247.595656][T19451] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
00:23:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000080), 0x4)

00:23:51 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
r2 = fork()
ptrace(0x10, r2)

00:23:51 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800001, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clock_adjtime(0x0, &(0x7f0000000080))

00:23:51 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x20, 0x4)

00:23:51 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
ioctl$RTC_IRQP_SET(r1, 0x80287010, 0xc04a01)

[  247.603730][T19451] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'.
[  247.615273][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  247.621564][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  247.645253][T19463] sg_write: data in/out 167162/24 bytes for SCSI command 0x67-- guessing data in;
00:23:51 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x19}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x70, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x4}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}]}, 0x12c}}, 0x0)

00:23:51 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800001, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clock_adjtime(0x0, &(0x7f0000000080))

00:23:51 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
r2 = fork()
ptrace(0x10, r2)

00:23:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000000)={0x0, 0xfffffffd, 0x0, 0x0, 0x0, "fd21aa391373d1e6c52c92d86666c60eb3b70d"})
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x2)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000200)=0x1)
write(r1, &(0x7f0000000180)="b63db85e1e8d020000000000003ef0011dcc606a010000807018cebc9b97ae21b14d872c678ce22c94160096aa1fae1aaf84c4288f4f1749057306da365999d9b3b3d276365889c8", 0x48)
read(r1, &(0x7f0000000000)=""/103, 0x20000024)

[  247.645253][T19463]    program syz-executor.0 not setting count and/or reply_len properly
00:23:51 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
ioctl$RTC_IRQP_SET(r1, 0x80287010, 0xc04a01)

00:23:51 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
r2 = fork()
ptrace(0x10, r2)

[  247.718562][T19480] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19480 comm=syz-executor.3
[  247.732232][T19476] sg_write: data in/out 167162/24 bytes for SCSI command 0x67-- guessing data in;
[  247.732232][T19476]    program syz-executor.0 not setting count and/or reply_len properly
[  247.754658][T19480] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
00:23:51 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
ioctl$RTC_IRQP_SET(r1, 0x80287010, 0xc04a01)

00:23:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000080), 0x4)

00:23:51 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800001, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clock_adjtime(0x0, &(0x7f0000000080))

[  247.762808][T19480] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  247.763200][ T1033]  loop1: p2 < > p3 p4
[  247.770958][T19480] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  247.779854][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  247.783073][T19480] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  247.783084][T19480] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  247.783092][T19480] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'.
00:23:51 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x19}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x70, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x4}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}]}, 0x12c}}, 0x0)

00:23:51 executing program 4:
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0x6)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x0, 0xa1, 0x1a00})

[  247.810835][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  247.821509][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:23:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000000)={0x0, 0xfffffffd, 0x0, 0x0, 0x0, "fd21aa391373d1e6c52c92d86666c60eb3b70d"})
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x2)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000200)=0x1)
write(r1, &(0x7f0000000180)="b63db85e1e8d020000000000003ef0011dcc606a010000807018cebc9b97ae21b14d872c678ce22c94160096aa1fae1aaf84c4288f4f1749057306da365999d9b3b3d276365889c8", 0x48)
read(r1, &(0x7f0000000000)=""/103, 0x20000024)

00:23:51 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
ioctl$RTC_IRQP_SET(r1, 0x80287010, 0xc04a01)

00:23:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000080), 0x4)

[  247.861284][T19495] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19495 comm=syz-executor.3
[  247.896420][T19501] sg_write: data in/out 167162/24 bytes for SCSI command 0x67-- guessing data in;
00:23:51 executing program 4:
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0x6)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x0, 0xa1, 0x1a00})

00:23:51 executing program 5:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1b, &(0x7f0000000000), 0x4)

[  247.896420][T19501]    program syz-executor.0 not setting count and/or reply_len properly
[  247.924773][T19495] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'.
[  247.936511][ T1033]  loop2: p2 < > p3 p4
[  247.954262][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
00:23:51 executing program 1:
add_key$keyring(&(0x7f0000000080), 0xfffffffffffffffe, 0x0, 0x0, 0x0)

00:23:51 executing program 2:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x15, &(0x7f00000004c0))
ptrace(0x4206, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000600)={0x0, 0x1, 0x1}, &(0x7f0000000640)=[{}])

00:23:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000000)={0x0, 0xfffffffd, 0x0, 0x0, 0x0, "fd21aa391373d1e6c52c92d86666c60eb3b70d"})
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x2)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000200)=0x1)
write(r1, &(0x7f0000000180)="b63db85e1e8d020000000000003ef0011dcc606a010000807018cebc9b97ae21b14d872c678ce22c94160096aa1fae1aaf84c4288f4f1749057306da365999d9b3b3d276365889c8", 0x48)
read(r1, &(0x7f0000000000)=""/103, 0x20000024)

00:23:51 executing program 5:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1b, &(0x7f0000000000), 0x4)

00:23:51 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x19}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x70, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x4}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}]}]}, 0x12c}}, 0x0)

00:23:51 executing program 4:
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0x6)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x0, 0xa1, 0x1a00})

[  247.974162][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  247.980365][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:51 executing program 4:
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0x6)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000000)={0x0, 0xa1, 0x1a00})

[  248.035738][ T1033]  loop5: p2 < > p3 p4
[  248.048995][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  248.061294][T19528] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19528 comm=syz-executor.3
[  248.070950][T19529] sg_write: data in/out 167162/24 bytes for SCSI command 0x67-- guessing data in;
00:23:51 executing program 1:
add_key$keyring(&(0x7f0000000080), 0xfffffffffffffffe, 0x0, 0x0, 0x0)

00:23:51 executing program 5:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1b, &(0x7f0000000000), 0x4)

00:23:51 executing program 0:
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r1, 0x1)
lseek(r1, 0x1200, 0x0)
r2 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x26)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r3, 0x0, 0x8400fffffffa)

00:23:51 executing program 1:
add_key$keyring(&(0x7f0000000080), 0xfffffffffffffffe, 0x0, 0x0, 0x0)

[  248.070950][T19529]    program syz-executor.0 not setting count and/or reply_len properly
[  248.091459][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  248.097697][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:51 executing program 2:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x15, &(0x7f00000004c0))
ptrace(0x4206, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000600)={0x0, 0x1, 0x1}, &(0x7f0000000640)=[{}])

00:23:51 executing program 4:
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$dupfd(r0, 0x407, 0xffffffffffffffff)

[  248.127661][T19528] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'.
00:23:51 executing program 3:
syz_mount_image$tmpfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)={[{@nr_blocks={'nr_blocks', 0x3d, [0x6b]}}]})

00:23:51 executing program 1:
add_key$keyring(&(0x7f0000000080), 0xfffffffffffffffe, 0x0, 0x0, 0x0)

00:23:51 executing program 2:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x15, &(0x7f00000004c0))
ptrace(0x4206, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000600)={0x0, 0x1, 0x1}, &(0x7f0000000640)=[{}])

[  248.182771][ T1033]  loop1: p2 < > p3 p4
00:23:51 executing program 4:
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$dupfd(r0, 0x407, 0xffffffffffffffff)

00:23:51 executing program 5:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1b, &(0x7f0000000000), 0x4)

00:23:51 executing program 2:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x15, &(0x7f00000004c0))
ptrace(0x4206, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000600)={0x0, 0x1, 0x1}, &(0x7f0000000640)=[{}])

00:23:51 executing program 2:
r0 = semget$private(0x0, 0x1, 0x102)
semctl$SEM_STAT(r0, 0x0, 0x12, &(0x7f0000000180)=""/71)

00:23:51 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x9, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080), 0x4)

[  248.220256][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  248.242821][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  248.249041][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  248.359897][ T1033]  loop1: p2 < > p3 p4
[  248.364687][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  248.371697][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  248.377938][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  248.395309][ T1033]  loop1: p2 < > p3 p4
[  248.399471][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  248.406426][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  248.412946][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  248.431281][ T1033]  loop1: p2 < > p3 p4
[  248.435680][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  248.442974][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  248.449163][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  248.502683][ T1033]  loop2: p2 < > p3 p4
[  248.506906][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  248.513626][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  248.519925][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:52 executing program 0:
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r1, 0x1)
lseek(r1, 0x1200, 0x0)
r2 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x26)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r3, 0x0, 0x8400fffffffa)

00:23:52 executing program 4:
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$dupfd(r0, 0x407, 0xffffffffffffffff)

00:23:52 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x9, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080), 0x4)

00:23:52 executing program 5:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x9, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080), 0x4)

00:23:52 executing program 2:
r0 = semget$private(0x0, 0x1, 0x102)
semctl$SEM_STAT(r0, 0x0, 0x12, &(0x7f0000000180)=""/71)

00:23:52 executing program 1:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000180)=ANY=[], 0x38)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x39, 0x0, 0x0)

00:23:52 executing program 2:
r0 = semget$private(0x0, 0x1, 0x102)
semctl$SEM_STAT(r0, 0x0, 0x12, &(0x7f0000000180)=""/71)

00:23:52 executing program 1:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000180)=ANY=[], 0x38)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x39, 0x0, 0x0)

00:23:52 executing program 5:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x9, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080), 0x4)

00:23:52 executing program 4:
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$dupfd(r0, 0x407, 0xffffffffffffffff)

00:23:52 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x9, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080), 0x4)

00:23:52 executing program 2:
r0 = semget$private(0x0, 0x1, 0x102)
semctl$SEM_STAT(r0, 0x0, 0x12, &(0x7f0000000180)=""/71)

[  249.036457][ T1033]  loop2: p2 < > p3 p4
[  249.042017][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  249.054788][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  249.060974][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  249.139145][ T1033]  loop5: p2 < > p3 p4
[  249.149261][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  249.160427][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  249.166614][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  249.183869][ T1033]  loop1: p2 < > p3 p4
[  249.188007][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  249.195266][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  249.201539][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  249.226664][ T1033]  loop2: p2 < > p3 p4
[  249.230847][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  249.237676][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  249.243922][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  249.263709][ T1033]  loop5: p2 < > p3 p4
[  249.268037][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  249.275130][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  249.281322][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  249.301798][ T1033]  loop1: p2 < > p3 p4
[  249.306148][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  249.313218][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  249.319408][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  249.344950][ T1033]  loop2: p2 < > p3 p4
[  249.349156][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  249.356002][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  249.362203][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:53 executing program 0:
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r1, 0x1)
lseek(r1, 0x1200, 0x0)
r2 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x26)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r3, 0x0, 0x8400fffffffa)

00:23:53 executing program 5:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x9, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080), 0x4)

00:23:53 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x7ff}, 0x3f4)
write(r0, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f000000000ec0000000000000", 0x32)

00:23:53 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x9, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080), 0x4)

00:23:53 executing program 1:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000180)=ANY=[], 0x38)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x39, 0x0, 0x0)

00:23:53 executing program 2:
r0 = io_uring_setup(0x5a3a, &(0x7f0000000240))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, 0x0, 0x0)

00:23:53 executing program 5:
r0 = syz_open_dev$evdev(&(0x7f0000000680), 0x0, 0x0)
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000000)={0x0, 0x0, 0x0})
ioctl$EVIOCSKEYCODE_V2(r0, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, "7c95bcf3e1ad53a99a4ce44df7ce99487626a2dbbd09a61f759d95feb62ba83b"})

00:23:53 executing program 2:
r0 = io_uring_setup(0x5a3a, &(0x7f0000000240))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, 0x0, 0x0)

00:23:53 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x7ff}, 0x3f4)
write(r0, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f000000000ec0000000000000", 0x32)

00:23:53 executing program 1:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000180)=ANY=[], 0x38)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x39, 0x0, 0x0)

00:23:53 executing program 3:
r0 = syz_io_uring_setup(0x2263, &(0x7f00000000c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000140), &(0x7f0000000180))
r1 = io_uring_setup(0x559e, &(0x7f0000000240))
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x9, 0x0, r2)

[  249.980645][ T1033]  loop5: p2 < > p3 p4
[  249.984861][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:23:53 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000000)=0x6203, 0x4)
set_mempolicy(0x1, 0x0, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @private=0xa010100}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24040090, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)

[  250.023160][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  250.029365][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  250.088284][ T1033]  loop2: p2 < > p3 p4
[  250.105718][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  250.115796][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  250.122061][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  250.141011][ T1033]  loop1: p2 < > p3 p4
[  250.145217][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  250.152157][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  250.158330][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  250.184708][ T1033]  loop1: p2 < > p3 p4
[  250.188971][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  250.195820][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  250.201998][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  250.219256][ T1033]  loop5: p2 < > p3 p4
[  250.223537][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  250.230760][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  250.236916][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  250.264866][ T1033]  loop1: p2 < > p3 p4
[  250.269040][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  250.275918][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  250.282228][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  250.300058][ T1033]  loop2: p2 < > p3 p4
[  250.304267][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  250.311054][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  250.317212][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:54 executing program 0:
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6900)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r1, 0x1)
lseek(r1, 0x1200, 0x0)
r2 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x26)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r0, r3, 0x0, 0x8400fffffffa)

00:23:54 executing program 5:
r0 = syz_open_dev$evdev(&(0x7f0000000680), 0x0, 0x0)
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000000)={0x0, 0x0, 0x0})
ioctl$EVIOCSKEYCODE_V2(r0, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, "7c95bcf3e1ad53a99a4ce44df7ce99487626a2dbbd09a61f759d95feb62ba83b"})

00:23:54 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x7ff}, 0x3f4)
write(r0, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f000000000ec0000000000000", 0x32)

00:23:54 executing program 2:
r0 = io_uring_setup(0x5a3a, &(0x7f0000000240))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, 0x0, 0x0)

00:23:54 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000000)=0x6203, 0x4)
set_mempolicy(0x1, 0x0, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @private=0xa010100}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24040090, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)

00:23:54 executing program 3:
r0 = syz_io_uring_setup(0x2263, &(0x7f00000000c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000140), &(0x7f0000000180))
r1 = io_uring_setup(0x559e, &(0x7f0000000240))
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x9, 0x0, r2)

00:23:54 executing program 5:
r0 = syz_open_dev$evdev(&(0x7f0000000680), 0x0, 0x0)
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000000)={0x0, 0x0, 0x0})
ioctl$EVIOCSKEYCODE_V2(r0, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, "7c95bcf3e1ad53a99a4ce44df7ce99487626a2dbbd09a61f759d95feb62ba83b"})

00:23:54 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x7ff}, 0x3f4)
write(r0, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f000000000ec0000000000000", 0x32)

00:23:54 executing program 3:
r0 = syz_io_uring_setup(0x2263, &(0x7f00000000c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000140), &(0x7f0000000180))
r1 = io_uring_setup(0x559e, &(0x7f0000000240))
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x9, 0x0, r2)

00:23:54 executing program 2:
r0 = io_uring_setup(0x5a3a, &(0x7f0000000240))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, 0x0, 0x0)

00:23:54 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000000)=0x6203, 0x4)
set_mempolicy(0x1, 0x0, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @private=0xa010100}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24040090, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)

[  250.987949][ T1033]  loop5: p2 < > p3 p4
[  250.992284][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  251.000982][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  251.007260][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:54 executing program 5:
r0 = syz_open_dev$evdev(&(0x7f0000000680), 0x0, 0x0)
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000000)={0x0, 0x0, 0x0})
ioctl$EVIOCSKEYCODE_V2(r0, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, "7c95bcf3e1ad53a99a4ce44df7ce99487626a2dbbd09a61f759d95feb62ba83b"})

[  251.123124][ T1033]  loop2: p2 < > p3 p4
[  251.127316][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  251.138234][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  251.144430][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  251.162130][ T1033]  loop1: p2 < > p3 p4
[  251.166525][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  251.174650][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  251.180880][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  251.198107][ T1033]  loop5: p2 < > p3 p4
[  251.202406][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  251.209705][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  251.215882][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  251.249882][ T1033]  loop1: p2 < > p3 p4
[  251.254325][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  251.261836][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  251.268058][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  251.286407][ T1033]  loop5: p2 < > p3 p4
[  251.290910][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  251.297621][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  251.303809][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  251.321405][ T1033]  loop2: p2 < > p3 p4
[  251.325688][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  251.339704][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  251.345873][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:55 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000000)=0x6203, 0x4)
set_mempolicy(0x1, 0x0, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @private=0xa010100}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24040090, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)

00:23:55 executing program 3:
r0 = syz_io_uring_setup(0x2263, &(0x7f00000000c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000140), &(0x7f0000000180))
r1 = io_uring_setup(0x559e, &(0x7f0000000240))
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x9, 0x0, r2)

00:23:55 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x7fffffff, 0x0)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)

00:23:55 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000000)=0x6203, 0x4)
set_mempolicy(0x1, 0x0, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @private=0xa010100}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24040090, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)

00:23:55 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x1d}, {0x16}]})
socket$inet(0x2, 0x0, 0x0)

00:23:55 executing program 0:
creat(&(0x7f0000000000)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6d706f6c3d7072656665723d72656c61746976653a302d4eb7"])

00:23:55 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000000)=0x6203, 0x4)
set_mempolicy(0x1, 0x0, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @private=0xa010100}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24040090, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)

00:23:55 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
close(r0)

[  251.948511][   T25] kauditd_printk_skb: 88 callbacks suppressed
[  251.948522][   T25] audit: type=1326 audit(1622420635.376:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=19832 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0
[  251.984006][ T1033]  loop1: p2 < > p3 p4
00:23:55 executing program 3:
set_mempolicy(0x4002, &(0x7f0000000000)=0x3, 0x64)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0)

00:23:55 executing program 2:
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0xca9a3b, 0x0, &(0x7f0000009300))
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0)

00:23:55 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000000)=0x6203, 0x4)
set_mempolicy(0x1, 0x0, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x0, @private=0xa010100}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24040090, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)

00:23:55 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
close(r0)

[  251.994388][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  252.016656][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  252.022897][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:23:55 executing program 3:
set_mempolicy(0x4002, &(0x7f0000000000)=0x3, 0x64)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0)

00:23:55 executing program 4:
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, 0x0)
pipe(0x0)
writev(r0, &(0x7f00000027c0), 0x0)
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5ee, 0x9d4b027f0dfca9f8, @perf_config_ext={0x8, 0x80}, 0x1212, 0x1000, 0x6, 0x4, 0x6, 0x5, 0x9, 0x0, 0x200, 0x0, 0x3}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x2)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
dup(0xffffffffffffffff)
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f00000001c0))
vmsplice(0xffffffffffffffff, &(0x7f0000003e40)=[{0x0}, {&(0x7f0000002c40)="8f98069a4660e458e100236cf779b2f28804d73f0cafa14b9aa09f8cbbb6f25ff0c1d44f1a4f88d5007f94b311d30fac4b2cc1dda8aa558292bba419147464f71bfeb0d5798d25fe338844daa5be053a07e2829bba258cc24944849af85b6d65d8057dc6789c660c0fadd8d8b7ccd23e1a28a8427e7bfc068f3c6acfce37df1de41122c37a68bd882eea130b21fa2ee684cc8712cb920121f5885cdd9c011d851fc7a7d73af9a2c9a8ba68b2826a1c8eb3fc077f846dd76d348c2208bb5a75af257eaa06cde93851148b61365a38d163e862a8b04d42c758ae928f1fc17da5ccc6996fca8621639db37340cd1fa3c0cfb0d473c93c2bb0ff53ccc0af183b9cb77ecedd880c0cd8e85070eb4850979062d8ac7478dc7aa11e04574080302f39a355054a26d7277b1f409ebf04a04c1a1573767b98ab5d9822f8586b666ee9826a13d8a28a7a524581810b9aad69b10754bdb43bed7f0089d6342dccb2c24a0916095da1bd99e4d6acb9a594454832be6bc587f0a15af5a707f41531a1fb0d0b4c6dbdb46697e39003d4b6bf130d4d1af7b621c5262f6961670f3b7b4058e4ba0a695d35da8ad33297a4c7cc4093173a19a19b7bb129ced1781ef8b183f89adef857dd2f2605d36b2b75b66f36d5bdc42a93e924c820a1a2c83e168d4a7c133a067f1ecc906f811f467f65b8075edd0c7b4f7c8d1ab274baea8041a40e586f19fb040d96da065945edb0e71e5086e9de337aec8bc5d2a160df5e44350175928d3e60d9613b4d97e54db09c73212bb206a0f5e36655451a8cb1eab61870909fcbe548b38f882b43a80fde8a34b9def678d15408d0757c55ff693ca3a839643de497ecc44e824d63596ad65799c32b753d921be19cad6d3a30714c593250fb3a91af2c9ad60bf1e2caa88789c842740aba56782e9a5d10ed6523be78d0d387724536f566f63eb3556894f0531521fe5d1ec1ececf9ef0016957bdc2962c49b007d131e1f62f34d8fdae026f7d06950cbd8f821ff20aea202d9fb67e0853e6eb5dba93bb5ac9e30de29d1b25122af45abf9bfd20730972270a314cfdc4254087c622c43f653c713553d62a4e8f3277974feccf80c8d1a47ddc6797ad3efd9abfb9903b125f359af0bf3746ac07b8f3947f676a00889ae7e14f093e03fbc359fd07fcd3965aeec77a8b73f252b833713516e7bbabc7ccbb3db42fbdc9e3a4df57baef7a03190dc82543d4fda28ecf9d0f59fbd44613c2afdee815ec117d8c9f265189297650873d5e95a700f0c5dd29c164f0525a73282698a05c300f3ef362cf775cd2f1bb914af566ee62e59263a858fc602ea3153753f3c2b9cc1bc05d86c0874281f8eaa92d3d6c34f21706eaaf6596b429a0fc1bce9f597cff55798cb775b1845b5d565b7913305aeb126f3938b88ad91ca01dbdb089145390d2e917a93ffb5631c08e2bb6a540847dc9c1cd66b429504c7bea77d96e5ce5b5b566cecc1576c55aa273293eeb3093b2fe90ac5976f252cedd5ed14fa52d3318bf80bf8a3744d75956c98f92f9e5b6ff998471a12ab4cce49c77f606031933780ca39dba72d4d728950968224f9c9f3e2faefc137d3ae29e42bf7637ee2349b94102a628b5e33ff96a59d89c2e23c31fb3539037cf9050e76fdbb4d8d619b4427287dee7167fb98b8b4305dc5119ae34e35adce2da5c9c9d5ff903569afc0ab8ad7928b776a27b2c639b3a1d999a701f35b80314da99a8f09bc3b17cd03480fa853c06ae4880997dc711bb39fb49d1e58be9a0cd631b290744f3375a4f656c42682fa7b05d1bea2f8c03f8f307026368c224f90d8b2c1a14f15f7e2d200d0e4713e60b7d7e956b42429b2f50d70c5f4522bbfbcb899508e55cad5d595c7af711bb528787b721861e19a741df224238682ada750a39c33207dc604bb69d3b32b4c3bec4f9775d88fc49d8f93b69e94382074f1b34fa6f9457e166ade60eb7343c7d2d49abcd0d7604ed884a76e71579f5c10a064a981d5d30820531b9db2761c71b76ad8d4fbc63f7424e932f645a0c06faa60913fe0e3b6553580e439080d76828983a249dc9c69fb66dc138aa6ff9ad477d0638017276b140363b08f5af76919cb257296663c32f5112f10002774571c06265d81348d2e3f0ef3843ea4789e1148f5c6034bffe1ab2e63e3cb13dd851d4cbc800bccd4a9d44c367fcc5b0ce8f292fbbb994cdbe02ff9a7cbb9954ff155dfe95711432bf0c4e5e69ceaa440ba4cebf73718d0df0664ba8166089b7561980f48b4012804e362bd757daf385d30b414283b5058004f285f816f10711a8fc7681258922d7a9f4d6c1a257885f9ef8e8d60b30bbcfba36cb1aa58926a27a32dd1986c0ae2fcc5363bec7ff942a3e297670843d8f7f76a40a01983baf9226fb5b8d27d8420c91007f4854a64897d218ba98607be8c526c06ecb7a5dd03fbf071714aba76f8058094f3c95af5bf4294abfed95bc2b316bd11b18c2693cc8cf29e52cfa16c9c74b330b15fbd729b6c9c7f99f497c47dcd46e36f6cb995d888c7d3be16226bcc15d5e13c63cd928cbe685cb0d733ea337f9ae287ed0f18745d004373c4486534dce49c6b1175cf01a5f845164acde01adb0762df99865088c39978e6f7ce69cb6153559730255d5f609ce3938b4e85c0cbfca4a24da6edd56eea5304a500ee11fa4f6420425470e0568bce2720ea42e8e19ec9006127963d7a4c1b4e49184c5b4a516e4286402041db4258554a13df2344de5faa59dfa41dc926903fb7ace00c177530455c83576d246eaba10869f25caf8ead97873ce8f8c19e967d5cd6aeb7d2d18371ca18905046c3c2460c078a4e595458199a38cc4d5e9ea44b6382dd97871ede65cd2ad80ae8feaa092ba39c32dbe9d81ae35503135cdc47df2a3378a833227b6353a6c2a34f0a50566160ff0836103bbe50ee73922692df2c13584b119f939e46387d6a10de77cc68e55aaea166d1f6cc7c119d4459c1fe6b73cc026e481b165663d72ac926d4e16dadfb1968ad0d81b97afc383ae47de99f13971a59699f49da211a02fabd617d4fc03e4cc9f22a490cecfce9bfd2ac6bb77f312d6dd9a584b09c4ccbd7f8c637128562e92b61af0befa88fdb96a27452a0094b3ce306a69cd4270817014e7d3bb87a0805e05c40d5b2b56cf571fcebd7bdfa9b976dfcfdfac7bc00c2e2e8502bf6316792aa5b3f822dca5d83b7f374945bb316e987138f904598937a702ff605ad8f3c79d502c8bff8e98723fb799db77c87afc36642e3dd5e6448de8134e885cde7e8c0ca15390e330931a9bd93c17c9b11d8590589ca03051946aeb626d291b887d50c62cfb0442a6ccc49f7037cc99b0952f623559682558aefad09e0d85bf3033849cfb42c8a830ff9afb390fa93f89019c82e3e8e49e5860d88f7a3402dc1d3fdcb99f44c2736ea3a8e5ffa01d44197257228ae8f965a81bbfe8fb818c2b685604b08753c851d36edd48f7070ac2fe1ee2d4a7fb7463c1506ee3b338607deee8f0b07e0aa48e97b15de86eca182e0b8691aff30c0601706254d4cfdca13f7a83c84780bc6fd5cef533e3c2f039e750f7dc3ddfbc981096deb9f5efa4bc9de6f92392e65723ae9243db04496c035bd596f48914a320e1c7b40f4476a243fc0e67a0c73f4f07a649b4d41a01fcb66e2a495a0939c98abd94c9981f081560788a39b26b259e1e39d3de5930c54cb1df53b656d9381ad15115445d631f6ad86f43fa684d20c2db066ab8d0209e628b885277be07cf1308fde29d19cfebde151f5588f21fe3f7a4d9ad4fa9faf8a826c41191e0e6a2c92925fb3554b6cd6c769ba9b46c7d9faa55b136b1f005751b683368287ce94238c92e8f561b7fb6352de592bfa57da570171c1384e41d3b91c251a7609e875a629856a037d109ce869f1431f05320c2a79cd4c14f0e520f869819329d5aa5e1e8f769aa8bb2a3602661624d7f9a9258c06b92a99498142d34decd32aab7540d4014762f13c3ffec2d178b0c55e50a4d11fe5c38971b1f03341e23a5c7de70970efb836655d2f29f04bc1974a373ffcd21fc67536cf51746415b1ba9f8d233941e9277c31b856c3025a78ac31b53a6f5c40a6fe9978404fcfad290da4030cc7b5e98b15ae890e36f26bf6a06ee746f5b600649910d38f30bf3a7d62cdb295aac9427f66e082b0c6811c3bf4172580dd1a71bdff2cfc4d4ee9a063730c926a1c707cfae5021929e130aca9876ecb5683c1ae0fa2e2a41448f5f74a6e72f4299569a1e7f8cec046e413e7ddf91741a2dcc1cd6070a592dd0a9dbcaa8868922ee09bc1d34f0812809d38bb2006f375de1f9aa4adad877d4a9ba6af96f712054329dcd342cf308785b4c8da2bdb6235b256ea1debc277d0c22ba044b23119df5e80653237ece8d7bdafbb46398a76e0f6f2d06e4ca78aa39a5e2d8fc0d1150d143bc653283460d52e4bc02df4204cd8bb89ab7cd24bb9e2fcec833817d21c7a4685a26a5d223e8dc0ab740f6e0f87b17600b72f4e2662f02a2e01584d9a360e7be28e61d9b03291c31086c7c321fef364ee8cade0bc4b738f05919f11765a84b9018b30831244022e43fc7095a2199165764921e3a67304230f09e932d0034f4848b3518d38747fa3d22947eca3fe94f3680fb63bbbf26d6fd0668029f71726accf6f542d13c6f0ffb4d1077746cf306b2885f7d43f6e0869d154bcf1a28dc10a02ac2d8ca20e3e78aeed8509c2f26adf9b2b4e947b1e715a3fd1eef4a2e44baa597f7088ef40876caa949187d1364cec89fa337f4bddcdf7b5193dd96260213f14824608f462b4d99dc544b398cbbf32a1417f7ec17ee2180199ad011ecbc219908bf2dec488f8e1bebefce9dd316c1f18a5872de693f07ef3ec5749ca8d6fbbe7f07066b48391191a79c3f098d1760a4d0155d70f8084062726388262ae212da6d8b32a1275a13792600a4c432c95f41642322e1c8a8552fef1267e3aa525581b60d536912f823b157aff89a0b84945fe4818ea9d0c04af630ca7a9ba55933fbcaa8f1c1c3ea333f1eda174401c9804c6402c535910133ee955347b83d8394ddca480ddd75898e9997efe43606ee444cbb1bbd06f4722866ea538f37cb71b00493d1246623c64556e26aee70ce487276c27e0e12d811d9209673f1af064642d884ace82875d5d6b30703943cdd83e41dab92ff49071ad50804c5c3cc69d0ee80f75844fae490397e0dcc58864547e1904ad76b556944b248203712d02bd90ed854bdd7316bd50a0393a25e2c0aa83618b553c17f0571ef047aa3a9505a5e6b1d1a12a8938e5aed0c7551b59cf3b69aad922abffe3f4718ebaca77dd68be721a9680a0546daa4a30c70d5f3606eb1c26104aaffb99825ab13d6ec899bfaf342cd35f21c81c2fcf15362bcfc8a7aeba81cb6a8b4b688fcda9c590ff18cec5d69a90f7c33e985c3e573a59ead794153eb096fd882651db7ca7f282b0ce46b0b62df81c3ef445eeebf4b0b592dcf110aa840f0078ce38d0ac35bcee50a6ff32905697c055f3a71d81d26411de85ea21d08cb37f1f0df190c72fbfec62dcd18ee241ed0745d202cfea5b3e05561f2f307daa135d09006d1fa44268ced0676daffed899743566f5de01f5b9148b43634fa919e7b8ca2951e4b505b976148843e1ea98e4d25e317aa531bbb58c5dd260c4d887f3501fec081afdb069745739259254f935cc006f87dcd6304db6b3550ed5dd8bc01eae87e75d283e1d1f5629c375a6031780b1637f2b9b752b015e606a36b9812e2937", 0x1000}, {&(0x7f0000003c40)="36f73c6fad3177c9db605a7f949dc10ac76009cfdc424463baedddc225e0c91dae3d4960d7247dba6e59116c341a56d3179122f20c508790f5b5751006dc00499d4e01585f4c32854f672f9f1c940cdc049d225e6391c398375796c314ae04bb5c6a27998c625e236eac31335df666897960adbd30c24bb6d3adf2a8d8b5192556590177f9d2d64a30c7e726a36c3cd175136917b5dd4bf4d76bff795562e81371", 0xa1}, {&(0x7f0000003d00)="2e7ca7c77c3164b53b5186ae4fe576f3bae1608222c45114c6eea327f6b20711c823706fade8fc78a0ce360bb2de8c2efcbb8ea3ab58a7ac815604d2015833bee4b6129ec262d69d92c44437fd6278430217d446d632585398a2bb9d1be31f6597640650e78b2358b36f17f871fd4c57c87d6ce173b482057e78913299812a81ac4400b77e516d7d16928a144e754aa896dd1099e17ea4c068cd9cb18555ffea8bcbffbbbcc91597d9230cd05fd47ad02107fbec071bd2baeb8524da85c92d217631569932c74e5a02ac0b431296c3117121779cd405aab95aaed2e2316ce35d8c777202e3ccc9319d1da3041a070f9353ebe381cf40c760", 0xf8}, {&(0x7f0000003e00)="e8073101babeb510db4a6e2b546dfd8069e5d51c3c7e189d77542fb183c32de24ddd0ed2d8cf8c6f43c310cb97e6c8be8d8334b85d30f754ed1ac146", 0x3c}], 0x5, 0x0)

00:23:55 executing program 3:
set_mempolicy(0x4002, &(0x7f0000000000)=0x3, 0x64)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0)

00:23:55 executing program 0:
unshare(0x8000400)
mkdir(0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x90)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)='%\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x6, 0xfffffffffffffffc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rename(&(0x7f0000000180)='./file0\x00', 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
getpeername(0xffffffffffffffff, 0x0, &(0x7f0000000340))
unlink(&(0x7f0000000200)='./file0\x00')
lsetxattr$trusted_overlay_nlink(0x0, 0x0, &(0x7f00000000c0)={'L+'}, 0x16, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000a00)=[{&(0x7f00000001c0)="8d683499464a9004c65ee594e6f57779733de2565159e3937445e4c49c19d075e96785880b766707cb29a7994d1047cbf3a5eadc710134a1716bcff0ab55cbeb", 0x40}, {0x0}, {&(0x7f0000000140)="f9cfcfdeaa0e7ac07edfe546e65fc438132c305d86b468b62c420b61f714893c439c6a6ed653de83cb0c", 0x2a}, {&(0x7f00000007c0)}, {0x0}, {0x0}, {&(0x7f0000000980)="7130d23ffd4cb292faea5806ea09748725b35d8e644a584d32f0abb4bff553177a4883095956608bd8930cd8b2fb9307e25867d1160e02a0dba67018eae385", 0x3f}], 0x7)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)

[  252.115592][T19862] tmpfs: Bad value for 'mpol'
[  252.137763][ T1033]  loop2: p2 < > p3 p4
[  252.142034][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  252.161811][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  252.168096][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  252.250777][ T1033]  loop1: p2 < > p3 p4
[  252.254928][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  252.261877][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  252.268084][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  252.295627][ T1033]  loop1: p2 < > p3 p4
[  252.300070][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  252.306999][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  252.313352][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  252.329884][ T1033]  loop2: p2 < > p3 p4
[  252.334182][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  252.340807][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  252.346949][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:56 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x1d}, {0x16}]})
socket$inet(0x2, 0x0, 0x0)

00:23:56 executing program 4:
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, 0x0)
pipe(0x0)
writev(r0, &(0x7f00000027c0), 0x0)
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5ee, 0x9d4b027f0dfca9f8, @perf_config_ext={0x8, 0x80}, 0x1212, 0x1000, 0x6, 0x4, 0x6, 0x5, 0x9, 0x0, 0x200, 0x0, 0x3}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x2)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
dup(0xffffffffffffffff)
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f00000001c0))
vmsplice(0xffffffffffffffff, &(0x7f0000003e40)=[{0x0}, {&(0x7f0000002c40)="8f98069a4660e458e100236cf779b2f28804d73f0cafa14b9aa09f8cbbb6f25ff0c1d44f1a4f88d5007f94b311d30fac4b2cc1dda8aa558292bba419147464f71bfeb0d5798d25fe338844daa5be053a07e2829bba258cc24944849af85b6d65d8057dc6789c660c0fadd8d8b7ccd23e1a28a8427e7bfc068f3c6acfce37df1de41122c37a68bd882eea130b21fa2ee684cc8712cb920121f5885cdd9c011d851fc7a7d73af9a2c9a8ba68b2826a1c8eb3fc077f846dd76d348c2208bb5a75af257eaa06cde93851148b61365a38d163e862a8b04d42c758ae928f1fc17da5ccc6996fca8621639db37340cd1fa3c0cfb0d473c93c2bb0ff53ccc0af183b9cb77ecedd880c0cd8e85070eb4850979062d8ac7478dc7aa11e04574080302f39a355054a26d7277b1f409ebf04a04c1a1573767b98ab5d9822f8586b666ee9826a13d8a28a7a524581810b9aad69b10754bdb43bed7f0089d6342dccb2c24a0916095da1bd99e4d6acb9a594454832be6bc587f0a15af5a707f41531a1fb0d0b4c6dbdb46697e39003d4b6bf130d4d1af7b621c5262f6961670f3b7b4058e4ba0a695d35da8ad33297a4c7cc4093173a19a19b7bb129ced1781ef8b183f89adef857dd2f2605d36b2b75b66f36d5bdc42a93e924c820a1a2c83e168d4a7c133a067f1ecc906f811f467f65b8075edd0c7b4f7c8d1ab274baea8041a40e586f19fb040d96da065945edb0e71e5086e9de337aec8bc5d2a160df5e44350175928d3e60d9613b4d97e54db09c73212bb206a0f5e36655451a8cb1eab61870909fcbe548b38f882b43a80fde8a34b9def678d15408d0757c55ff693ca3a839643de497ecc44e824d63596ad65799c32b753d921be19cad6d3a30714c593250fb3a91af2c9ad60bf1e2caa88789c842740aba56782e9a5d10ed6523be78d0d387724536f566f63eb3556894f0531521fe5d1ec1ececf9ef0016957bdc2962c49b007d131e1f62f34d8fdae026f7d06950cbd8f821ff20aea202d9fb67e0853e6eb5dba93bb5ac9e30de29d1b25122af45abf9bfd20730972270a314cfdc4254087c622c43f653c713553d62a4e8f3277974feccf80c8d1a47ddc6797ad3efd9abfb9903b125f359af0bf3746ac07b8f3947f676a00889ae7e14f093e03fbc359fd07fcd3965aeec77a8b73f252b833713516e7bbabc7ccbb3db42fbdc9e3a4df57baef7a03190dc82543d4fda28ecf9d0f59fbd44613c2afdee815ec117d8c9f265189297650873d5e95a700f0c5dd29c164f0525a73282698a05c300f3ef362cf775cd2f1bb914af566ee62e59263a858fc602ea3153753f3c2b9cc1bc05d86c0874281f8eaa92d3d6c34f21706eaaf6596b429a0fc1bce9f597cff55798cb775b1845b5d565b7913305aeb126f3938b88ad91ca01dbdb089145390d2e917a93ffb5631c08e2bb6a540847dc9c1cd66b429504c7bea77d96e5ce5b5b566cecc1576c55aa273293eeb3093b2fe90ac5976f252cedd5ed14fa52d3318bf80bf8a3744d75956c98f92f9e5b6ff998471a12ab4cce49c77f606031933780ca39dba72d4d728950968224f9c9f3e2faefc137d3ae29e42bf7637ee2349b94102a628b5e33ff96a59d89c2e23c31fb3539037cf9050e76fdbb4d8d619b4427287dee7167fb98b8b4305dc5119ae34e35adce2da5c9c9d5ff903569afc0ab8ad7928b776a27b2c639b3a1d999a701f35b80314da99a8f09bc3b17cd03480fa853c06ae4880997dc711bb39fb49d1e58be9a0cd631b290744f3375a4f656c42682fa7b05d1bea2f8c03f8f307026368c224f90d8b2c1a14f15f7e2d200d0e4713e60b7d7e956b42429b2f50d70c5f4522bbfbcb899508e55cad5d595c7af711bb528787b721861e19a741df224238682ada750a39c33207dc604bb69d3b32b4c3bec4f9775d88fc49d8f93b69e94382074f1b34fa6f9457e166ade60eb7343c7d2d49abcd0d7604ed884a76e71579f5c10a064a981d5d30820531b9db2761c71b76ad8d4fbc63f7424e932f645a0c06faa60913fe0e3b6553580e439080d76828983a249dc9c69fb66dc138aa6ff9ad477d0638017276b140363b08f5af76919cb257296663c32f5112f10002774571c06265d81348d2e3f0ef3843ea4789e1148f5c6034bffe1ab2e63e3cb13dd851d4cbc800bccd4a9d44c367fcc5b0ce8f292fbbb994cdbe02ff9a7cbb9954ff155dfe95711432bf0c4e5e69ceaa440ba4cebf73718d0df0664ba8166089b7561980f48b4012804e362bd757daf385d30b414283b5058004f285f816f10711a8fc7681258922d7a9f4d6c1a257885f9ef8e8d60b30bbcfba36cb1aa58926a27a32dd1986c0ae2fcc5363bec7ff942a3e297670843d8f7f76a40a01983baf9226fb5b8d27d8420c91007f4854a64897d218ba98607be8c526c06ecb7a5dd03fbf071714aba76f8058094f3c95af5bf4294abfed95bc2b316bd11b18c2693cc8cf29e52cfa16c9c74b330b15fbd729b6c9c7f99f497c47dcd46e36f6cb995d888c7d3be16226bcc15d5e13c63cd928cbe685cb0d733ea337f9ae287ed0f18745d004373c4486534dce49c6b1175cf01a5f845164acde01adb0762df99865088c39978e6f7ce69cb6153559730255d5f609ce3938b4e85c0cbfca4a24da6edd56eea5304a500ee11fa4f6420425470e0568bce2720ea42e8e19ec9006127963d7a4c1b4e49184c5b4a516e4286402041db4258554a13df2344de5faa59dfa41dc926903fb7ace00c177530455c83576d246eaba10869f25caf8ead97873ce8f8c19e967d5cd6aeb7d2d18371ca18905046c3c2460c078a4e595458199a38cc4d5e9ea44b6382dd97871ede65cd2ad80ae8feaa092ba39c32dbe9d81ae35503135cdc47df2a3378a833227b6353a6c2a34f0a50566160ff0836103bbe50ee73922692df2c13584b119f939e46387d6a10de77cc68e55aaea166d1f6cc7c119d4459c1fe6b73cc026e481b165663d72ac926d4e16dadfb1968ad0d81b97afc383ae47de99f13971a59699f49da211a02fabd617d4fc03e4cc9f22a490cecfce9bfd2ac6bb77f312d6dd9a584b09c4ccbd7f8c637128562e92b61af0befa88fdb96a27452a0094b3ce306a69cd4270817014e7d3bb87a0805e05c40d5b2b56cf571fcebd7bdfa9b976dfcfdfac7bc00c2e2e8502bf6316792aa5b3f822dca5d83b7f374945bb316e987138f904598937a702ff605ad8f3c79d502c8bff8e98723fb799db77c87afc36642e3dd5e6448de8134e885cde7e8c0ca15390e330931a9bd93c17c9b11d8590589ca03051946aeb626d291b887d50c62cfb0442a6ccc49f7037cc99b0952f623559682558aefad09e0d85bf3033849cfb42c8a830ff9afb390fa93f89019c82e3e8e49e5860d88f7a3402dc1d3fdcb99f44c2736ea3a8e5ffa01d44197257228ae8f965a81bbfe8fb818c2b685604b08753c851d36edd48f7070ac2fe1ee2d4a7fb7463c1506ee3b338607deee8f0b07e0aa48e97b15de86eca182e0b8691aff30c0601706254d4cfdca13f7a83c84780bc6fd5cef533e3c2f039e750f7dc3ddfbc981096deb9f5efa4bc9de6f92392e65723ae9243db04496c035bd596f48914a320e1c7b40f4476a243fc0e67a0c73f4f07a649b4d41a01fcb66e2a495a0939c98abd94c9981f081560788a39b26b259e1e39d3de5930c54cb1df53b656d9381ad15115445d631f6ad86f43fa684d20c2db066ab8d0209e628b885277be07cf1308fde29d19cfebde151f5588f21fe3f7a4d9ad4fa9faf8a826c41191e0e6a2c92925fb3554b6cd6c769ba9b46c7d9faa55b136b1f005751b683368287ce94238c92e8f561b7fb6352de592bfa57da570171c1384e41d3b91c251a7609e875a629856a037d109ce869f1431f05320c2a79cd4c14f0e520f869819329d5aa5e1e8f769aa8bb2a3602661624d7f9a9258c06b92a99498142d34decd32aab7540d4014762f13c3ffec2d178b0c55e50a4d11fe5c38971b1f03341e23a5c7de70970efb836655d2f29f04bc1974a373ffcd21fc67536cf51746415b1ba9f8d233941e9277c31b856c3025a78ac31b53a6f5c40a6fe9978404fcfad290da4030cc7b5e98b15ae890e36f26bf6a06ee746f5b600649910d38f30bf3a7d62cdb295aac9427f66e082b0c6811c3bf4172580dd1a71bdff2cfc4d4ee9a063730c926a1c707cfae5021929e130aca9876ecb5683c1ae0fa2e2a41448f5f74a6e72f4299569a1e7f8cec046e413e7ddf91741a2dcc1cd6070a592dd0a9dbcaa8868922ee09bc1d34f0812809d38bb2006f375de1f9aa4adad877d4a9ba6af96f712054329dcd342cf308785b4c8da2bdb6235b256ea1debc277d0c22ba044b23119df5e80653237ece8d7bdafbb46398a76e0f6f2d06e4ca78aa39a5e2d8fc0d1150d143bc653283460d52e4bc02df4204cd8bb89ab7cd24bb9e2fcec833817d21c7a4685a26a5d223e8dc0ab740f6e0f87b17600b72f4e2662f02a2e01584d9a360e7be28e61d9b03291c31086c7c321fef364ee8cade0bc4b738f05919f11765a84b9018b30831244022e43fc7095a2199165764921e3a67304230f09e932d0034f4848b3518d38747fa3d22947eca3fe94f3680fb63bbbf26d6fd0668029f71726accf6f542d13c6f0ffb4d1077746cf306b2885f7d43f6e0869d154bcf1a28dc10a02ac2d8ca20e3e78aeed8509c2f26adf9b2b4e947b1e715a3fd1eef4a2e44baa597f7088ef40876caa949187d1364cec89fa337f4bddcdf7b5193dd96260213f14824608f462b4d99dc544b398cbbf32a1417f7ec17ee2180199ad011ecbc219908bf2dec488f8e1bebefce9dd316c1f18a5872de693f07ef3ec5749ca8d6fbbe7f07066b48391191a79c3f098d1760a4d0155d70f8084062726388262ae212da6d8b32a1275a13792600a4c432c95f41642322e1c8a8552fef1267e3aa525581b60d536912f823b157aff89a0b84945fe4818ea9d0c04af630ca7a9ba55933fbcaa8f1c1c3ea333f1eda174401c9804c6402c535910133ee955347b83d8394ddca480ddd75898e9997efe43606ee444cbb1bbd06f4722866ea538f37cb71b00493d1246623c64556e26aee70ce487276c27e0e12d811d9209673f1af064642d884ace82875d5d6b30703943cdd83e41dab92ff49071ad50804c5c3cc69d0ee80f75844fae490397e0dcc58864547e1904ad76b556944b248203712d02bd90ed854bdd7316bd50a0393a25e2c0aa83618b553c17f0571ef047aa3a9505a5e6b1d1a12a8938e5aed0c7551b59cf3b69aad922abffe3f4718ebaca77dd68be721a9680a0546daa4a30c70d5f3606eb1c26104aaffb99825ab13d6ec899bfaf342cd35f21c81c2fcf15362bcfc8a7aeba81cb6a8b4b688fcda9c590ff18cec5d69a90f7c33e985c3e573a59ead794153eb096fd882651db7ca7f282b0ce46b0b62df81c3ef445eeebf4b0b592dcf110aa840f0078ce38d0ac35bcee50a6ff32905697c055f3a71d81d26411de85ea21d08cb37f1f0df190c72fbfec62dcd18ee241ed0745d202cfea5b3e05561f2f307daa135d09006d1fa44268ced0676daffed899743566f5de01f5b9148b43634fa919e7b8ca2951e4b505b976148843e1ea98e4d25e317aa531bbb58c5dd260c4d887f3501fec081afdb069745739259254f935cc006f87dcd6304db6b3550ed5dd8bc01eae87e75d283e1d1f5629c375a6031780b1637f2b9b752b015e606a36b9812e2937", 0x1000}, {&(0x7f0000003c40)="36f73c6fad3177c9db605a7f949dc10ac76009cfdc424463baedddc225e0c91dae3d4960d7247dba6e59116c341a56d3179122f20c508790f5b5751006dc00499d4e01585f4c32854f672f9f1c940cdc049d225e6391c398375796c314ae04bb5c6a27998c625e236eac31335df666897960adbd30c24bb6d3adf2a8d8b5192556590177f9d2d64a30c7e726a36c3cd175136917b5dd4bf4d76bff795562e81371", 0xa1}, {&(0x7f0000003d00)="2e7ca7c77c3164b53b5186ae4fe576f3bae1608222c45114c6eea327f6b20711c823706fade8fc78a0ce360bb2de8c2efcbb8ea3ab58a7ac815604d2015833bee4b6129ec262d69d92c44437fd6278430217d446d632585398a2bb9d1be31f6597640650e78b2358b36f17f871fd4c57c87d6ce173b482057e78913299812a81ac4400b77e516d7d16928a144e754aa896dd1099e17ea4c068cd9cb18555ffea8bcbffbbbcc91597d9230cd05fd47ad02107fbec071bd2baeb8524da85c92d217631569932c74e5a02ac0b431296c3117121779cd405aab95aaed2e2316ce35d8c777202e3ccc9319d1da3041a070f9353ebe381cf40c760", 0xf8}, {&(0x7f0000003e00)="e8073101babeb510db4a6e2b546dfd8069e5d51c3c7e189d77542fb183c32de24ddd0ed2d8cf8c6f43c310cb97e6c8be8d8334b85d30f754ed1ac146", 0x3c}], 0x5, 0x0)

00:23:56 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
close(r0)

00:23:56 executing program 3:
set_mempolicy(0x4002, &(0x7f0000000000)=0x3, 0x64)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0)

00:23:56 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x5423, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

00:23:56 executing program 0:
unshare(0x8000400)
mkdir(0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x90)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)='%\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x6, 0xfffffffffffffffc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rename(&(0x7f0000000180)='./file0\x00', 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
getpeername(0xffffffffffffffff, 0x0, &(0x7f0000000340))
unlink(&(0x7f0000000200)='./file0\x00')
lsetxattr$trusted_overlay_nlink(0x0, 0x0, &(0x7f00000000c0)={'L+'}, 0x16, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000a00)=[{&(0x7f00000001c0)="8d683499464a9004c65ee594e6f57779733de2565159e3937445e4c49c19d075e96785880b766707cb29a7994d1047cbf3a5eadc710134a1716bcff0ab55cbeb", 0x40}, {0x0}, {&(0x7f0000000140)="f9cfcfdeaa0e7ac07edfe546e65fc438132c305d86b468b62c420b61f714893c439c6a6ed653de83cb0c", 0x2a}, {&(0x7f00000007c0)}, {0x0}, {0x0}, {&(0x7f0000000980)="7130d23ffd4cb292faea5806ea09748725b35d8e644a584d32f0abb4bff553177a4883095956608bd8930cd8b2fb9307e25867d1160e02a0dba67018eae385", 0x3f}], 0x7)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)

[  252.772434][   T25] audit: type=1326 audit(1622420636.206:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=19832 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0
00:23:56 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
close(r0)

[  252.846339][ T1033]  loop5: p2 < > p3 p4
[  252.850610][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  252.864881][   T25] audit: type=1326 audit(1622420636.296:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=19919 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0
00:23:56 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e7b126b0918e4972be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9c6f45958dc387cf4c2e1fea4b7a3dfc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d64415761534dae491de7642a7c52cc6d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa63da445b8bef5bd9125939ed96a074eb04a348a666bf58b23ac4edcce4000000000000007f6acccc7c3100feab512becc3d0cda56b0ba42c4c7e123885ed0e374af1414a766297f3c78b0edf153f508f51971ee2c2b7ea506db26d9cf3c35324f3cd2158f38601e12b361e1f154489d9c90f9ecee549e0f8b7c5b9d9297f8a88ce437211876c095e4b5d53ac5cd7cd1d7235d1578058fbce883eed933d66e10cfb715e11bb28", 0x123}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

[  252.889833][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  252.889847][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  252.923387][ T1033]  loop1: p2 < > p3 p4
00:23:56 executing program 0:
unshare(0x8000400)
mkdir(0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x90)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)='%\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x6, 0xfffffffffffffffc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rename(&(0x7f0000000180)='./file0\x00', 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
getpeername(0xffffffffffffffff, 0x0, &(0x7f0000000340))
unlink(&(0x7f0000000200)='./file0\x00')
lsetxattr$trusted_overlay_nlink(0x0, 0x0, &(0x7f00000000c0)={'L+'}, 0x16, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000a00)=[{&(0x7f00000001c0)="8d683499464a9004c65ee594e6f57779733de2565159e3937445e4c49c19d075e96785880b766707cb29a7994d1047cbf3a5eadc710134a1716bcff0ab55cbeb", 0x40}, {0x0}, {&(0x7f0000000140)="f9cfcfdeaa0e7ac07edfe546e65fc438132c305d86b468b62c420b61f714893c439c6a6ed653de83cb0c", 0x2a}, {&(0x7f00000007c0)}, {0x0}, {0x0}, {&(0x7f0000000980)="7130d23ffd4cb292faea5806ea09748725b35d8e644a584d32f0abb4bff553177a4883095956608bd8930cd8b2fb9307e25867d1160e02a0dba67018eae385", 0x3f}], 0x7)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)

00:23:56 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e7b126b0918e4972be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9c6f45958dc387cf4c2e1fea4b7a3dfc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d64415761534dae491de7642a7c52cc6d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa63da445b8bef5bd9125939ed96a074eb04a348a666bf58b23ac4edcce4000000000000007f6acccc7c3100feab512becc3d0cda56b0ba42c4c7e123885ed0e374af1414a766297f3c78b0edf153f508f51971ee2c2b7ea506db26d9cf3c35324f3cd2158f38601e12b361e1f154489d9c90f9ecee549e0f8b7c5b9d9297f8a88ce437211876c095e4b5d53ac5cd7cd1d7235d1578058fbce883eed933d66e10cfb715e11bb28", 0x123}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

[  252.923533][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  252.923916][ T1033] loop1: p3 start 225 is beyond EOD, truncated
00:23:56 executing program 4:
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, 0x0)
pipe(0x0)
writev(r0, &(0x7f00000027c0), 0x0)
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5ee, 0x9d4b027f0dfca9f8, @perf_config_ext={0x8, 0x80}, 0x1212, 0x1000, 0x6, 0x4, 0x6, 0x5, 0x9, 0x0, 0x200, 0x0, 0x3}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x2)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
dup(0xffffffffffffffff)
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f00000001c0))
vmsplice(0xffffffffffffffff, &(0x7f0000003e40)=[{0x0}, {&(0x7f0000002c40)="8f98069a4660e458e100236cf779b2f28804d73f0cafa14b9aa09f8cbbb6f25ff0c1d44f1a4f88d5007f94b311d30fac4b2cc1dda8aa558292bba419147464f71bfeb0d5798d25fe338844daa5be053a07e2829bba258cc24944849af85b6d65d8057dc6789c660c0fadd8d8b7ccd23e1a28a8427e7bfc068f3c6acfce37df1de41122c37a68bd882eea130b21fa2ee684cc8712cb920121f5885cdd9c011d851fc7a7d73af9a2c9a8ba68b2826a1c8eb3fc077f846dd76d348c2208bb5a75af257eaa06cde93851148b61365a38d163e862a8b04d42c758ae928f1fc17da5ccc6996fca8621639db37340cd1fa3c0cfb0d473c93c2bb0ff53ccc0af183b9cb77ecedd880c0cd8e85070eb4850979062d8ac7478dc7aa11e04574080302f39a355054a26d7277b1f409ebf04a04c1a1573767b98ab5d9822f8586b666ee9826a13d8a28a7a524581810b9aad69b10754bdb43bed7f0089d6342dccb2c24a0916095da1bd99e4d6acb9a594454832be6bc587f0a15af5a707f41531a1fb0d0b4c6dbdb46697e39003d4b6bf130d4d1af7b621c5262f6961670f3b7b4058e4ba0a695d35da8ad33297a4c7cc4093173a19a19b7bb129ced1781ef8b183f89adef857dd2f2605d36b2b75b66f36d5bdc42a93e924c820a1a2c83e168d4a7c133a067f1ecc906f811f467f65b8075edd0c7b4f7c8d1ab274baea8041a40e586f19fb040d96da065945edb0e71e5086e9de337aec8bc5d2a160df5e44350175928d3e60d9613b4d97e54db09c73212bb206a0f5e36655451a8cb1eab61870909fcbe548b38f882b43a80fde8a34b9def678d15408d0757c55ff693ca3a839643de497ecc44e824d63596ad65799c32b753d921be19cad6d3a30714c593250fb3a91af2c9ad60bf1e2caa88789c842740aba56782e9a5d10ed6523be78d0d387724536f566f63eb3556894f0531521fe5d1ec1ececf9ef0016957bdc2962c49b007d131e1f62f34d8fdae026f7d06950cbd8f821ff20aea202d9fb67e0853e6eb5dba93bb5ac9e30de29d1b25122af45abf9bfd20730972270a314cfdc4254087c622c43f653c713553d62a4e8f3277974feccf80c8d1a47ddc6797ad3efd9abfb9903b125f359af0bf3746ac07b8f3947f676a00889ae7e14f093e03fbc359fd07fcd3965aeec77a8b73f252b833713516e7bbabc7ccbb3db42fbdc9e3a4df57baef7a03190dc82543d4fda28ecf9d0f59fbd44613c2afdee815ec117d8c9f265189297650873d5e95a700f0c5dd29c164f0525a73282698a05c300f3ef362cf775cd2f1bb914af566ee62e59263a858fc602ea3153753f3c2b9cc1bc05d86c0874281f8eaa92d3d6c34f21706eaaf6596b429a0fc1bce9f597cff55798cb775b1845b5d565b7913305aeb126f3938b88ad91ca01dbdb089145390d2e917a93ffb5631c08e2bb6a540847dc9c1cd66b429504c7bea77d96e5ce5b5b566cecc1576c55aa273293eeb3093b2fe90ac5976f252cedd5ed14fa52d3318bf80bf8a3744d75956c98f92f9e5b6ff998471a12ab4cce49c77f606031933780ca39dba72d4d728950968224f9c9f3e2faefc137d3ae29e42bf7637ee2349b94102a628b5e33ff96a59d89c2e23c31fb3539037cf9050e76fdbb4d8d619b4427287dee7167fb98b8b4305dc5119ae34e35adce2da5c9c9d5ff903569afc0ab8ad7928b776a27b2c639b3a1d999a701f35b80314da99a8f09bc3b17cd03480fa853c06ae4880997dc711bb39fb49d1e58be9a0cd631b290744f3375a4f656c42682fa7b05d1bea2f8c03f8f307026368c224f90d8b2c1a14f15f7e2d200d0e4713e60b7d7e956b42429b2f50d70c5f4522bbfbcb899508e55cad5d595c7af711bb528787b721861e19a741df224238682ada750a39c33207dc604bb69d3b32b4c3bec4f9775d88fc49d8f93b69e94382074f1b34fa6f9457e166ade60eb7343c7d2d49abcd0d7604ed884a76e71579f5c10a064a981d5d30820531b9db2761c71b76ad8d4fbc63f7424e932f645a0c06faa60913fe0e3b6553580e439080d76828983a249dc9c69fb66dc138aa6ff9ad477d0638017276b140363b08f5af76919cb257296663c32f5112f10002774571c06265d81348d2e3f0ef3843ea4789e1148f5c6034bffe1ab2e63e3cb13dd851d4cbc800bccd4a9d44c367fcc5b0ce8f292fbbb994cdbe02ff9a7cbb9954ff155dfe95711432bf0c4e5e69ceaa440ba4cebf73718d0df0664ba8166089b7561980f48b4012804e362bd757daf385d30b414283b5058004f285f816f10711a8fc7681258922d7a9f4d6c1a257885f9ef8e8d60b30bbcfba36cb1aa58926a27a32dd1986c0ae2fcc5363bec7ff942a3e297670843d8f7f76a40a01983baf9226fb5b8d27d8420c91007f4854a64897d218ba98607be8c526c06ecb7a5dd03fbf071714aba76f8058094f3c95af5bf4294abfed95bc2b316bd11b18c2693cc8cf29e52cfa16c9c74b330b15fbd729b6c9c7f99f497c47dcd46e36f6cb995d888c7d3be16226bcc15d5e13c63cd928cbe685cb0d733ea337f9ae287ed0f18745d004373c4486534dce49c6b1175cf01a5f845164acde01adb0762df99865088c39978e6f7ce69cb6153559730255d5f609ce3938b4e85c0cbfca4a24da6edd56eea5304a500ee11fa4f6420425470e0568bce2720ea42e8e19ec9006127963d7a4c1b4e49184c5b4a516e4286402041db4258554a13df2344de5faa59dfa41dc926903fb7ace00c177530455c83576d246eaba10869f25caf8ead97873ce8f8c19e967d5cd6aeb7d2d18371ca18905046c3c2460c078a4e595458199a38cc4d5e9ea44b6382dd97871ede65cd2ad80ae8feaa092ba39c32dbe9d81ae35503135cdc47df2a3378a833227b6353a6c2a34f0a50566160ff0836103bbe50ee73922692df2c13584b119f939e46387d6a10de77cc68e55aaea166d1f6cc7c119d4459c1fe6b73cc026e481b165663d72ac926d4e16dadfb1968ad0d81b97afc383ae47de99f13971a59699f49da211a02fabd617d4fc03e4cc9f22a490cecfce9bfd2ac6bb77f312d6dd9a584b09c4ccbd7f8c637128562e92b61af0befa88fdb96a27452a0094b3ce306a69cd4270817014e7d3bb87a0805e05c40d5b2b56cf571fcebd7bdfa9b976dfcfdfac7bc00c2e2e8502bf6316792aa5b3f822dca5d83b7f374945bb316e987138f904598937a702ff605ad8f3c79d502c8bff8e98723fb799db77c87afc36642e3dd5e6448de8134e885cde7e8c0ca15390e330931a9bd93c17c9b11d8590589ca03051946aeb626d291b887d50c62cfb0442a6ccc49f7037cc99b0952f623559682558aefad09e0d85bf3033849cfb42c8a830ff9afb390fa93f89019c82e3e8e49e5860d88f7a3402dc1d3fdcb99f44c2736ea3a8e5ffa01d44197257228ae8f965a81bbfe8fb818c2b685604b08753c851d36edd48f7070ac2fe1ee2d4a7fb7463c1506ee3b338607deee8f0b07e0aa48e97b15de86eca182e0b8691aff30c0601706254d4cfdca13f7a83c84780bc6fd5cef533e3c2f039e750f7dc3ddfbc981096deb9f5efa4bc9de6f92392e65723ae9243db04496c035bd596f48914a320e1c7b40f4476a243fc0e67a0c73f4f07a649b4d41a01fcb66e2a495a0939c98abd94c9981f081560788a39b26b259e1e39d3de5930c54cb1df53b656d9381ad15115445d631f6ad86f43fa684d20c2db066ab8d0209e628b885277be07cf1308fde29d19cfebde151f5588f21fe3f7a4d9ad4fa9faf8a826c41191e0e6a2c92925fb3554b6cd6c769ba9b46c7d9faa55b136b1f005751b683368287ce94238c92e8f561b7fb6352de592bfa57da570171c1384e41d3b91c251a7609e875a629856a037d109ce869f1431f05320c2a79cd4c14f0e520f869819329d5aa5e1e8f769aa8bb2a3602661624d7f9a9258c06b92a99498142d34decd32aab7540d4014762f13c3ffec2d178b0c55e50a4d11fe5c38971b1f03341e23a5c7de70970efb836655d2f29f04bc1974a373ffcd21fc67536cf51746415b1ba9f8d233941e9277c31b856c3025a78ac31b53a6f5c40a6fe9978404fcfad290da4030cc7b5e98b15ae890e36f26bf6a06ee746f5b600649910d38f30bf3a7d62cdb295aac9427f66e082b0c6811c3bf4172580dd1a71bdff2cfc4d4ee9a063730c926a1c707cfae5021929e130aca9876ecb5683c1ae0fa2e2a41448f5f74a6e72f4299569a1e7f8cec046e413e7ddf91741a2dcc1cd6070a592dd0a9dbcaa8868922ee09bc1d34f0812809d38bb2006f375de1f9aa4adad877d4a9ba6af96f712054329dcd342cf308785b4c8da2bdb6235b256ea1debc277d0c22ba044b23119df5e80653237ece8d7bdafbb46398a76e0f6f2d06e4ca78aa39a5e2d8fc0d1150d143bc653283460d52e4bc02df4204cd8bb89ab7cd24bb9e2fcec833817d21c7a4685a26a5d223e8dc0ab740f6e0f87b17600b72f4e2662f02a2e01584d9a360e7be28e61d9b03291c31086c7c321fef364ee8cade0bc4b738f05919f11765a84b9018b30831244022e43fc7095a2199165764921e3a67304230f09e932d0034f4848b3518d38747fa3d22947eca3fe94f3680fb63bbbf26d6fd0668029f71726accf6f542d13c6f0ffb4d1077746cf306b2885f7d43f6e0869d154bcf1a28dc10a02ac2d8ca20e3e78aeed8509c2f26adf9b2b4e947b1e715a3fd1eef4a2e44baa597f7088ef40876caa949187d1364cec89fa337f4bddcdf7b5193dd96260213f14824608f462b4d99dc544b398cbbf32a1417f7ec17ee2180199ad011ecbc219908bf2dec488f8e1bebefce9dd316c1f18a5872de693f07ef3ec5749ca8d6fbbe7f07066b48391191a79c3f098d1760a4d0155d70f8084062726388262ae212da6d8b32a1275a13792600a4c432c95f41642322e1c8a8552fef1267e3aa525581b60d536912f823b157aff89a0b84945fe4818ea9d0c04af630ca7a9ba55933fbcaa8f1c1c3ea333f1eda174401c9804c6402c535910133ee955347b83d8394ddca480ddd75898e9997efe43606ee444cbb1bbd06f4722866ea538f37cb71b00493d1246623c64556e26aee70ce487276c27e0e12d811d9209673f1af064642d884ace82875d5d6b30703943cdd83e41dab92ff49071ad50804c5c3cc69d0ee80f75844fae490397e0dcc58864547e1904ad76b556944b248203712d02bd90ed854bdd7316bd50a0393a25e2c0aa83618b553c17f0571ef047aa3a9505a5e6b1d1a12a8938e5aed0c7551b59cf3b69aad922abffe3f4718ebaca77dd68be721a9680a0546daa4a30c70d5f3606eb1c26104aaffb99825ab13d6ec899bfaf342cd35f21c81c2fcf15362bcfc8a7aeba81cb6a8b4b688fcda9c590ff18cec5d69a90f7c33e985c3e573a59ead794153eb096fd882651db7ca7f282b0ce46b0b62df81c3ef445eeebf4b0b592dcf110aa840f0078ce38d0ac35bcee50a6ff32905697c055f3a71d81d26411de85ea21d08cb37f1f0df190c72fbfec62dcd18ee241ed0745d202cfea5b3e05561f2f307daa135d09006d1fa44268ced0676daffed899743566f5de01f5b9148b43634fa919e7b8ca2951e4b505b976148843e1ea98e4d25e317aa531bbb58c5dd260c4d887f3501fec081afdb069745739259254f935cc006f87dcd6304db6b3550ed5dd8bc01eae87e75d283e1d1f5629c375a6031780b1637f2b9b752b015e606a36b9812e2937", 0x1000}, {&(0x7f0000003c40)="36f73c6fad3177c9db605a7f949dc10ac76009cfdc424463baedddc225e0c91dae3d4960d7247dba6e59116c341a56d3179122f20c508790f5b5751006dc00499d4e01585f4c32854f672f9f1c940cdc049d225e6391c398375796c314ae04bb5c6a27998c625e236eac31335df666897960adbd30c24bb6d3adf2a8d8b5192556590177f9d2d64a30c7e726a36c3cd175136917b5dd4bf4d76bff795562e81371", 0xa1}, {&(0x7f0000003d00)="2e7ca7c77c3164b53b5186ae4fe576f3bae1608222c45114c6eea327f6b20711c823706fade8fc78a0ce360bb2de8c2efcbb8ea3ab58a7ac815604d2015833bee4b6129ec262d69d92c44437fd6278430217d446d632585398a2bb9d1be31f6597640650e78b2358b36f17f871fd4c57c87d6ce173b482057e78913299812a81ac4400b77e516d7d16928a144e754aa896dd1099e17ea4c068cd9cb18555ffea8bcbffbbbcc91597d9230cd05fd47ad02107fbec071bd2baeb8524da85c92d217631569932c74e5a02ac0b431296c3117121779cd405aab95aaed2e2316ce35d8c777202e3ccc9319d1da3041a070f9353ebe381cf40c760", 0xf8}, {&(0x7f0000003e00)="e8073101babeb510db4a6e2b546dfd8069e5d51c3c7e189d77542fb183c32de24ddd0ed2d8cf8c6f43c310cb97e6c8be8d8334b85d30f754ed1ac146", 0x3c}], 0x5, 0x0)

[  252.923930][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:23:56 executing program 1:
syz_io_uring_setup(0x2378, &(0x7f0000000140), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0)
r0 = syz_io_uring_setup(0x5f13, &(0x7f0000000180), &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x400000)=nil, &(0x7f0000000280), &(0x7f0000000240))
mmap$IORING_OFF_CQ_RING(&(0x7f00001a9000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x8000000)
syz_io_uring_setup(0x5f13, &(0x7f0000000180), &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x400000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[  253.067940][ T1033]  loop2: p2 < > p3 p4
[  253.072355][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  253.080000][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  253.086165][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  253.112225][ T1033]  loop1: p2 < > p3 p4
[  253.116465][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  253.123341][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  253.129509][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:23:57 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x1d}, {0x16}]})
socket$inet(0x2, 0x0, 0x0)

00:23:57 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x5423, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

00:23:57 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e7b126b0918e4972be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9c6f45958dc387cf4c2e1fea4b7a3dfc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d64415761534dae491de7642a7c52cc6d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa63da445b8bef5bd9125939ed96a074eb04a348a666bf58b23ac4edcce4000000000000007f6acccc7c3100feab512becc3d0cda56b0ba42c4c7e123885ed0e374af1414a766297f3c78b0edf153f508f51971ee2c2b7ea506db26d9cf3c35324f3cd2158f38601e12b361e1f154489d9c90f9ecee549e0f8b7c5b9d9297f8a88ce437211876c095e4b5d53ac5cd7cd1d7235d1578058fbce883eed933d66e10cfb715e11bb28", 0x123}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:23:57 executing program 0:
unshare(0x8000400)
mkdir(0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x90)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)='%\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x6, 0xfffffffffffffffc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rename(&(0x7f0000000180)='./file0\x00', 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
getpeername(0xffffffffffffffff, 0x0, &(0x7f0000000340))
unlink(&(0x7f0000000200)='./file0\x00')
lsetxattr$trusted_overlay_nlink(0x0, 0x0, &(0x7f00000000c0)={'L+'}, 0x16, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000a00)=[{&(0x7f00000001c0)="8d683499464a9004c65ee594e6f57779733de2565159e3937445e4c49c19d075e96785880b766707cb29a7994d1047cbf3a5eadc710134a1716bcff0ab55cbeb", 0x40}, {0x0}, {&(0x7f0000000140)="f9cfcfdeaa0e7ac07edfe546e65fc438132c305d86b468b62c420b61f714893c439c6a6ed653de83cb0c", 0x2a}, {&(0x7f00000007c0)}, {0x0}, {0x0}, {&(0x7f0000000980)="7130d23ffd4cb292faea5806ea09748725b35d8e644a584d32f0abb4bff553177a4883095956608bd8930cd8b2fb9307e25867d1160e02a0dba67018eae385", 0x3f}], 0x7)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)

00:23:57 executing program 4:
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, 0x0)
pipe(0x0)
writev(r0, &(0x7f00000027c0), 0x0)
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5ee, 0x9d4b027f0dfca9f8, @perf_config_ext={0x8, 0x80}, 0x1212, 0x1000, 0x6, 0x4, 0x6, 0x5, 0x9, 0x0, 0x200, 0x0, 0x3}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x2)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
dup(0xffffffffffffffff)
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f00000001c0))
vmsplice(0xffffffffffffffff, &(0x7f0000003e40)=[{0x0}, {&(0x7f0000002c40)="8f98069a4660e458e100236cf779b2f28804d73f0cafa14b9aa09f8cbbb6f25ff0c1d44f1a4f88d5007f94b311d30fac4b2cc1dda8aa558292bba419147464f71bfeb0d5798d25fe338844daa5be053a07e2829bba258cc24944849af85b6d65d8057dc6789c660c0fadd8d8b7ccd23e1a28a8427e7bfc068f3c6acfce37df1de41122c37a68bd882eea130b21fa2ee684cc8712cb920121f5885cdd9c011d851fc7a7d73af9a2c9a8ba68b2826a1c8eb3fc077f846dd76d348c2208bb5a75af257eaa06cde93851148b61365a38d163e862a8b04d42c758ae928f1fc17da5ccc6996fca8621639db37340cd1fa3c0cfb0d473c93c2bb0ff53ccc0af183b9cb77ecedd880c0cd8e85070eb4850979062d8ac7478dc7aa11e04574080302f39a355054a26d7277b1f409ebf04a04c1a1573767b98ab5d9822f8586b666ee9826a13d8a28a7a524581810b9aad69b10754bdb43bed7f0089d6342dccb2c24a0916095da1bd99e4d6acb9a594454832be6bc587f0a15af5a707f41531a1fb0d0b4c6dbdb46697e39003d4b6bf130d4d1af7b621c5262f6961670f3b7b4058e4ba0a695d35da8ad33297a4c7cc4093173a19a19b7bb129ced1781ef8b183f89adef857dd2f2605d36b2b75b66f36d5bdc42a93e924c820a1a2c83e168d4a7c133a067f1ecc906f811f467f65b8075edd0c7b4f7c8d1ab274baea8041a40e586f19fb040d96da065945edb0e71e5086e9de337aec8bc5d2a160df5e44350175928d3e60d9613b4d97e54db09c73212bb206a0f5e36655451a8cb1eab61870909fcbe548b38f882b43a80fde8a34b9def678d15408d0757c55ff693ca3a839643de497ecc44e824d63596ad65799c32b753d921be19cad6d3a30714c593250fb3a91af2c9ad60bf1e2caa88789c842740aba56782e9a5d10ed6523be78d0d387724536f566f63eb3556894f0531521fe5d1ec1ececf9ef0016957bdc2962c49b007d131e1f62f34d8fdae026f7d06950cbd8f821ff20aea202d9fb67e0853e6eb5dba93bb5ac9e30de29d1b25122af45abf9bfd20730972270a314cfdc4254087c622c43f653c713553d62a4e8f3277974feccf80c8d1a47ddc6797ad3efd9abfb9903b125f359af0bf3746ac07b8f3947f676a00889ae7e14f093e03fbc359fd07fcd3965aeec77a8b73f252b833713516e7bbabc7ccbb3db42fbdc9e3a4df57baef7a03190dc82543d4fda28ecf9d0f59fbd44613c2afdee815ec117d8c9f265189297650873d5e95a700f0c5dd29c164f0525a73282698a05c300f3ef362cf775cd2f1bb914af566ee62e59263a858fc602ea3153753f3c2b9cc1bc05d86c0874281f8eaa92d3d6c34f21706eaaf6596b429a0fc1bce9f597cff55798cb775b1845b5d565b7913305aeb126f3938b88ad91ca01dbdb089145390d2e917a93ffb5631c08e2bb6a540847dc9c1cd66b429504c7bea77d96e5ce5b5b566cecc1576c55aa273293eeb3093b2fe90ac5976f252cedd5ed14fa52d3318bf80bf8a3744d75956c98f92f9e5b6ff998471a12ab4cce49c77f606031933780ca39dba72d4d728950968224f9c9f3e2faefc137d3ae29e42bf7637ee2349b94102a628b5e33ff96a59d89c2e23c31fb3539037cf9050e76fdbb4d8d619b4427287dee7167fb98b8b4305dc5119ae34e35adce2da5c9c9d5ff903569afc0ab8ad7928b776a27b2c639b3a1d999a701f35b80314da99a8f09bc3b17cd03480fa853c06ae4880997dc711bb39fb49d1e58be9a0cd631b290744f3375a4f656c42682fa7b05d1bea2f8c03f8f307026368c224f90d8b2c1a14f15f7e2d200d0e4713e60b7d7e956b42429b2f50d70c5f4522bbfbcb899508e55cad5d595c7af711bb528787b721861e19a741df224238682ada750a39c33207dc604bb69d3b32b4c3bec4f9775d88fc49d8f93b69e94382074f1b34fa6f9457e166ade60eb7343c7d2d49abcd0d7604ed884a76e71579f5c10a064a981d5d30820531b9db2761c71b76ad8d4fbc63f7424e932f645a0c06faa60913fe0e3b6553580e439080d76828983a249dc9c69fb66dc138aa6ff9ad477d0638017276b140363b08f5af76919cb257296663c32f5112f10002774571c06265d81348d2e3f0ef3843ea4789e1148f5c6034bffe1ab2e63e3cb13dd851d4cbc800bccd4a9d44c367fcc5b0ce8f292fbbb994cdbe02ff9a7cbb9954ff155dfe95711432bf0c4e5e69ceaa440ba4cebf73718d0df0664ba8166089b7561980f48b4012804e362bd757daf385d30b414283b5058004f285f816f10711a8fc7681258922d7a9f4d6c1a257885f9ef8e8d60b30bbcfba36cb1aa58926a27a32dd1986c0ae2fcc5363bec7ff942a3e297670843d8f7f76a40a01983baf9226fb5b8d27d8420c91007f4854a64897d218ba98607be8c526c06ecb7a5dd03fbf071714aba76f8058094f3c95af5bf4294abfed95bc2b316bd11b18c2693cc8cf29e52cfa16c9c74b330b15fbd729b6c9c7f99f497c47dcd46e36f6cb995d888c7d3be16226bcc15d5e13c63cd928cbe685cb0d733ea337f9ae287ed0f18745d004373c4486534dce49c6b1175cf01a5f845164acde01adb0762df99865088c39978e6f7ce69cb6153559730255d5f609ce3938b4e85c0cbfca4a24da6edd56eea5304a500ee11fa4f6420425470e0568bce2720ea42e8e19ec9006127963d7a4c1b4e49184c5b4a516e4286402041db4258554a13df2344de5faa59dfa41dc926903fb7ace00c177530455c83576d246eaba10869f25caf8ead97873ce8f8c19e967d5cd6aeb7d2d18371ca18905046c3c2460c078a4e595458199a38cc4d5e9ea44b6382dd97871ede65cd2ad80ae8feaa092ba39c32dbe9d81ae35503135cdc47df2a3378a833227b6353a6c2a34f0a50566160ff0836103bbe50ee73922692df2c13584b119f939e46387d6a10de77cc68e55aaea166d1f6cc7c119d4459c1fe6b73cc026e481b165663d72ac926d4e16dadfb1968ad0d81b97afc383ae47de99f13971a59699f49da211a02fabd617d4fc03e4cc9f22a490cecfce9bfd2ac6bb77f312d6dd9a584b09c4ccbd7f8c637128562e92b61af0befa88fdb96a27452a0094b3ce306a69cd4270817014e7d3bb87a0805e05c40d5b2b56cf571fcebd7bdfa9b976dfcfdfac7bc00c2e2e8502bf6316792aa5b3f822dca5d83b7f374945bb316e987138f904598937a702ff605ad8f3c79d502c8bff8e98723fb799db77c87afc36642e3dd5e6448de8134e885cde7e8c0ca15390e330931a9bd93c17c9b11d8590589ca03051946aeb626d291b887d50c62cfb0442a6ccc49f7037cc99b0952f623559682558aefad09e0d85bf3033849cfb42c8a830ff9afb390fa93f89019c82e3e8e49e5860d88f7a3402dc1d3fdcb99f44c2736ea3a8e5ffa01d44197257228ae8f965a81bbfe8fb818c2b685604b08753c851d36edd48f7070ac2fe1ee2d4a7fb7463c1506ee3b338607deee8f0b07e0aa48e97b15de86eca182e0b8691aff30c0601706254d4cfdca13f7a83c84780bc6fd5cef533e3c2f039e750f7dc3ddfbc981096deb9f5efa4bc9de6f92392e65723ae9243db04496c035bd596f48914a320e1c7b40f4476a243fc0e67a0c73f4f07a649b4d41a01fcb66e2a495a0939c98abd94c9981f081560788a39b26b259e1e39d3de5930c54cb1df53b656d9381ad15115445d631f6ad86f43fa684d20c2db066ab8d0209e628b885277be07cf1308fde29d19cfebde151f5588f21fe3f7a4d9ad4fa9faf8a826c41191e0e6a2c92925fb3554b6cd6c769ba9b46c7d9faa55b136b1f005751b683368287ce94238c92e8f561b7fb6352de592bfa57da570171c1384e41d3b91c251a7609e875a629856a037d109ce869f1431f05320c2a79cd4c14f0e520f869819329d5aa5e1e8f769aa8bb2a3602661624d7f9a9258c06b92a99498142d34decd32aab7540d4014762f13c3ffec2d178b0c55e50a4d11fe5c38971b1f03341e23a5c7de70970efb836655d2f29f04bc1974a373ffcd21fc67536cf51746415b1ba9f8d233941e9277c31b856c3025a78ac31b53a6f5c40a6fe9978404fcfad290da4030cc7b5e98b15ae890e36f26bf6a06ee746f5b600649910d38f30bf3a7d62cdb295aac9427f66e082b0c6811c3bf4172580dd1a71bdff2cfc4d4ee9a063730c926a1c707cfae5021929e130aca9876ecb5683c1ae0fa2e2a41448f5f74a6e72f4299569a1e7f8cec046e413e7ddf91741a2dcc1cd6070a592dd0a9dbcaa8868922ee09bc1d34f0812809d38bb2006f375de1f9aa4adad877d4a9ba6af96f712054329dcd342cf308785b4c8da2bdb6235b256ea1debc277d0c22ba044b23119df5e80653237ece8d7bdafbb46398a76e0f6f2d06e4ca78aa39a5e2d8fc0d1150d143bc653283460d52e4bc02df4204cd8bb89ab7cd24bb9e2fcec833817d21c7a4685a26a5d223e8dc0ab740f6e0f87b17600b72f4e2662f02a2e01584d9a360e7be28e61d9b03291c31086c7c321fef364ee8cade0bc4b738f05919f11765a84b9018b30831244022e43fc7095a2199165764921e3a67304230f09e932d0034f4848b3518d38747fa3d22947eca3fe94f3680fb63bbbf26d6fd0668029f71726accf6f542d13c6f0ffb4d1077746cf306b2885f7d43f6e0869d154bcf1a28dc10a02ac2d8ca20e3e78aeed8509c2f26adf9b2b4e947b1e715a3fd1eef4a2e44baa597f7088ef40876caa949187d1364cec89fa337f4bddcdf7b5193dd96260213f14824608f462b4d99dc544b398cbbf32a1417f7ec17ee2180199ad011ecbc219908bf2dec488f8e1bebefce9dd316c1f18a5872de693f07ef3ec5749ca8d6fbbe7f07066b48391191a79c3f098d1760a4d0155d70f8084062726388262ae212da6d8b32a1275a13792600a4c432c95f41642322e1c8a8552fef1267e3aa525581b60d536912f823b157aff89a0b84945fe4818ea9d0c04af630ca7a9ba55933fbcaa8f1c1c3ea333f1eda174401c9804c6402c535910133ee955347b83d8394ddca480ddd75898e9997efe43606ee444cbb1bbd06f4722866ea538f37cb71b00493d1246623c64556e26aee70ce487276c27e0e12d811d9209673f1af064642d884ace82875d5d6b30703943cdd83e41dab92ff49071ad50804c5c3cc69d0ee80f75844fae490397e0dcc58864547e1904ad76b556944b248203712d02bd90ed854bdd7316bd50a0393a25e2c0aa83618b553c17f0571ef047aa3a9505a5e6b1d1a12a8938e5aed0c7551b59cf3b69aad922abffe3f4718ebaca77dd68be721a9680a0546daa4a30c70d5f3606eb1c26104aaffb99825ab13d6ec899bfaf342cd35f21c81c2fcf15362bcfc8a7aeba81cb6a8b4b688fcda9c590ff18cec5d69a90f7c33e985c3e573a59ead794153eb096fd882651db7ca7f282b0ce46b0b62df81c3ef445eeebf4b0b592dcf110aa840f0078ce38d0ac35bcee50a6ff32905697c055f3a71d81d26411de85ea21d08cb37f1f0df190c72fbfec62dcd18ee241ed0745d202cfea5b3e05561f2f307daa135d09006d1fa44268ced0676daffed899743566f5de01f5b9148b43634fa919e7b8ca2951e4b505b976148843e1ea98e4d25e317aa531bbb58c5dd260c4d887f3501fec081afdb069745739259254f935cc006f87dcd6304db6b3550ed5dd8bc01eae87e75d283e1d1f5629c375a6031780b1637f2b9b752b015e606a36b9812e2937", 0x1000}, {&(0x7f0000003c40)="36f73c6fad3177c9db605a7f949dc10ac76009cfdc424463baedddc225e0c91dae3d4960d7247dba6e59116c341a56d3179122f20c508790f5b5751006dc00499d4e01585f4c32854f672f9f1c940cdc049d225e6391c398375796c314ae04bb5c6a27998c625e236eac31335df666897960adbd30c24bb6d3adf2a8d8b5192556590177f9d2d64a30c7e726a36c3cd175136917b5dd4bf4d76bff795562e81371", 0xa1}, {&(0x7f0000003d00)="2e7ca7c77c3164b53b5186ae4fe576f3bae1608222c45114c6eea327f6b20711c823706fade8fc78a0ce360bb2de8c2efcbb8ea3ab58a7ac815604d2015833bee4b6129ec262d69d92c44437fd6278430217d446d632585398a2bb9d1be31f6597640650e78b2358b36f17f871fd4c57c87d6ce173b482057e78913299812a81ac4400b77e516d7d16928a144e754aa896dd1099e17ea4c068cd9cb18555ffea8bcbffbbbcc91597d9230cd05fd47ad02107fbec071bd2baeb8524da85c92d217631569932c74e5a02ac0b431296c3117121779cd405aab95aaed2e2316ce35d8c777202e3ccc9319d1da3041a070f9353ebe381cf40c760", 0xf8}, {&(0x7f0000003e00)="e8073101babeb510db4a6e2b546dfd8069e5d51c3c7e189d77542fb183c32de24ddd0ed2d8cf8c6f43c310cb97e6c8be8d8334b85d30f754ed1ac146", 0x3c}], 0x5, 0x0)

00:23:57 executing program 1:
syz_io_uring_setup(0x2378, &(0x7f0000000140), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0)
r0 = syz_io_uring_setup(0x5f13, &(0x7f0000000180), &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x400000)=nil, &(0x7f0000000280), &(0x7f0000000240))
mmap$IORING_OFF_CQ_RING(&(0x7f00001a9000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x8000000)
syz_io_uring_setup(0x5f13, &(0x7f0000000180), &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x400000)=nil, &(0x7f0000000200), &(0x7f0000000240))

00:23:57 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x5423, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

00:23:57 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x5423, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

00:23:57 executing program 1:
syz_io_uring_setup(0x2378, &(0x7f0000000140), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0)
r0 = syz_io_uring_setup(0x5f13, &(0x7f0000000180), &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x400000)=nil, &(0x7f0000000280), &(0x7f0000000240))
mmap$IORING_OFF_CQ_RING(&(0x7f00001a9000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x8000000)
syz_io_uring_setup(0x5f13, &(0x7f0000000180), &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x400000)=nil, &(0x7f0000000200), &(0x7f0000000240))

00:23:57 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e7b126b0918e4972be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9c6f45958dc387cf4c2e1fea4b7a3dfc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d64415761534dae491de7642a7c52cc6d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa63da445b8bef5bd9125939ed96a074eb04a348a666bf58b23ac4edcce4000000000000007f6acccc7c3100feab512becc3d0cda56b0ba42c4c7e123885ed0e374af1414a766297f3c78b0edf153f508f51971ee2c2b7ea506db26d9cf3c35324f3cd2158f38601e12b361e1f154489d9c90f9ecee549e0f8b7c5b9d9297f8a88ce437211876c095e4b5d53ac5cd7cd1d7235d1578058fbce883eed933d66e10cfb715e11bb28", 0x123}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

[  253.718658][ T1033]  loop5: p2 < > p3 p4
[  253.722830][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  253.747476][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  253.753708][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  253.812254][   T25] audit: type=1326 audit(1622420637.246:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20009 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0
[  253.839953][ T1033]  loop2: p2 < > p3 p4
00:23:57 executing program 1:
syz_io_uring_setup(0x2378, &(0x7f0000000140), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0)
r0 = syz_io_uring_setup(0x5f13, &(0x7f0000000180), &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x400000)=nil, &(0x7f0000000280), &(0x7f0000000240))
mmap$IORING_OFF_CQ_RING(&(0x7f00001a9000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x8000000)
syz_io_uring_setup(0x5f13, &(0x7f0000000180), &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x400000)=nil, &(0x7f0000000200), &(0x7f0000000240))

00:23:57 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0xc058534b, &(0x7f00000000c0)={0x82})

[  253.858873][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  253.866282][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  253.866297][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  253.883358][ T1033]  loop1: p2 < > p3 p4
[  253.883400][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  253.883924][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  253.883938][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  253.921451][ T1033]  loop1: p2 < > p3 p4
[  253.921526][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  253.922402][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  253.922415][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  253.979976][ T1033]  loop1: p2 < > p3 p4
[  254.016533][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  254.023416][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  254.023427][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  254.075932][ T1033]  loop2: p2 < > p3 p4
[  254.080132][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  254.086792][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  254.093039][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:58 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x1d}, {0x16}]})
socket$inet(0x2, 0x0, 0x0)

00:23:58 executing program 3:
add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000003c0)={0x0, "8af435ed17abd69f4e05cb62a7d6842c758e6a7489cf5ac326fe6df447bfc647c927e2f9c4fee2cb0ff7afc8c55011e51bcae088945ec77c440cd700eaa3b60b"}, 0x48, 0x0)
add_key(0x0, 0x0, &(0x7f00000002c0)="d96ccd8088e5ad712e1f45002c368c75e95ad499ce0a07bf71dd5524b00a1446322be225b3690f6ec8ea4bd34fb7b0e8ac385aac89758706563b940552b01ac61fd178dfe5465ac97cc8e5919c1c8190e442822753710fddd6218a4f1cc311a0ee39aeacb9e27190780e45c6e7812a083fd255606ed9cb2faf9044402a3517bc03a458e00d1a9df40d5b2cd361a0286de51faec16992490a4e1cded0365bd4a86228", 0xa2, 0x0)
add_key(0x0, &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000240)='logon\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f0000000680)="17de5c1a761614d2c44356cce170958b2bed3b0e15203320209ae21726aea5a87b8f5e8ee44e9debbff18fd24f0a4792d614e373b006486b004941e6cb", 0x3d, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002500)=[{{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000000600)="e00ae718c4cb64ed6c24c264b550b86d8832542163873ed7880f57850f6797221e94116145d4a82e9a0fb546b03f9301c1809d4807d30ddf7b80facd96ffa0f73b5e75b1999037ecfab6028441d38ed4373fd5536dac663e098a22e37ef623d68f21ef739d83e19ca483073b85efc5d50e828cc4a2147f1e299bdfffaf9f4e6d", 0x80}], 0x1}}], 0x1, 0x0)
keyctl$update(0x2, 0x0, &(0x7f00000000c0)="09f916e2c924c26a7d4f26a1948985116025c510a121c2af84d4a3e323d198c80eb5d7155bb1bfdfb9dc1a7354e1519141efa067fd7b3c8f162b2a627d0119f4153234e658a79e7382332e56b6e62221baef10fb09d19706014252ddf359ab13a72a88378b65d8ac786f6b171900fa2779cbb365657d62c74d7165b0da3268ac0fc72e6ff660dd58e987d9fd5c0a35b4585f3a6d9d8587f421b388dc987b8c", 0x9f)
sendmmsg$sock(0xffffffffffffffff, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000440)="c0f5207ee74ad987524d395b52b5258adc9566983ae91361875485c578a84e52b914dabd8aad78ced512954eb1e66302f117ea55ee2a38c7ffdb8b2d4571ca663b92", 0x42}, {&(0x7f00000004c0)="b7fdffdeb06cc650c4a301f1257a27e86b1e09a0ab1d188f9208ffd881feb74acb4ecf80075a548fa795f6c84411585ce11c3f1f9c7e21512b6693667ac3a17a1eb15d9b43eccc5243c0de3ed6acd9ff2f9381d81353e97df9f6f3c74efeafcbdbbf22f29870d4e8d9c6cfca1bc587236818d35958478a122be8b4c9e2bfee769424ce7fdce38a13db02d3c3e8308e593781107776032c2f249e45ed2a10ea5dd720c3177cd6e407", 0xa8}], 0x2, &(0x7f0000000580)=[@txtime={{0x18, 0x1, 0x3d, 0x8000007}}, @timestamping={{0x14}}, @txtime={{0x18}}], 0x48}}], 0x1, 0x0)
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000002a40)=""/4112, 0x1010}], 0x1, 0x0, 0x0)

00:23:58 executing program 1:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)='configfs\x00', 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r0 = memfd_create(&(0x7f0000000140)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(\x00'/118, 0x0)
write(r0, &(0x7f00000004c0)='1', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
sendfile(r0, r0, &(0x7f0000000240), 0x463)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)

00:23:58 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0xc058534b, &(0x7f00000000c0)={0x82})

00:23:58 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x5423, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

00:23:58 executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x5423, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

00:23:58 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x5423, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

00:23:58 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0xc058534b, &(0x7f00000000c0)={0x82})

00:23:58 executing program 2:
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
poll(0x0, 0x0, 0x7f)

[  254.654048][ T1033]  loop5: p2 < > p3 p4
[  254.658184][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  254.665070][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  254.671253][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:58 executing program 4:
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x104, 0x0, 0x0, 0x20000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0, 0xfffffffffffffe69}, {0x0}, {&(0x7f00000193c0)=""/102385, 0x6fe4}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x1e)

00:23:58 executing program 3:
add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000003c0)={0x0, "8af435ed17abd69f4e05cb62a7d6842c758e6a7489cf5ac326fe6df447bfc647c927e2f9c4fee2cb0ff7afc8c55011e51bcae088945ec77c440cd700eaa3b60b"}, 0x48, 0x0)
add_key(0x0, 0x0, &(0x7f00000002c0)="d96ccd8088e5ad712e1f45002c368c75e95ad499ce0a07bf71dd5524b00a1446322be225b3690f6ec8ea4bd34fb7b0e8ac385aac89758706563b940552b01ac61fd178dfe5465ac97cc8e5919c1c8190e442822753710fddd6218a4f1cc311a0ee39aeacb9e27190780e45c6e7812a083fd255606ed9cb2faf9044402a3517bc03a458e00d1a9df40d5b2cd361a0286de51faec16992490a4e1cded0365bd4a86228", 0xa2, 0x0)
add_key(0x0, &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000240)='logon\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f0000000680)="17de5c1a761614d2c44356cce170958b2bed3b0e15203320209ae21726aea5a87b8f5e8ee44e9debbff18fd24f0a4792d614e373b006486b004941e6cb", 0x3d, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002500)=[{{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000000600)="e00ae718c4cb64ed6c24c264b550b86d8832542163873ed7880f57850f6797221e94116145d4a82e9a0fb546b03f9301c1809d4807d30ddf7b80facd96ffa0f73b5e75b1999037ecfab6028441d38ed4373fd5536dac663e098a22e37ef623d68f21ef739d83e19ca483073b85efc5d50e828cc4a2147f1e299bdfffaf9f4e6d", 0x80}], 0x1}}], 0x1, 0x0)
keyctl$update(0x2, 0x0, &(0x7f00000000c0)="09f916e2c924c26a7d4f26a1948985116025c510a121c2af84d4a3e323d198c80eb5d7155bb1bfdfb9dc1a7354e1519141efa067fd7b3c8f162b2a627d0119f4153234e658a79e7382332e56b6e62221baef10fb09d19706014252ddf359ab13a72a88378b65d8ac786f6b171900fa2779cbb365657d62c74d7165b0da3268ac0fc72e6ff660dd58e987d9fd5c0a35b4585f3a6d9d8587f421b388dc987b8c", 0x9f)
sendmmsg$sock(0xffffffffffffffff, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000440)="c0f5207ee74ad987524d395b52b5258adc9566983ae91361875485c578a84e52b914dabd8aad78ced512954eb1e66302f117ea55ee2a38c7ffdb8b2d4571ca663b92", 0x42}, {&(0x7f00000004c0)="b7fdffdeb06cc650c4a301f1257a27e86b1e09a0ab1d188f9208ffd881feb74acb4ecf80075a548fa795f6c84411585ce11c3f1f9c7e21512b6693667ac3a17a1eb15d9b43eccc5243c0de3ed6acd9ff2f9381d81353e97df9f6f3c74efeafcbdbbf22f29870d4e8d9c6cfca1bc587236818d35958478a122be8b4c9e2bfee769424ce7fdce38a13db02d3c3e8308e593781107776032c2f249e45ed2a10ea5dd720c3177cd6e407", 0xa8}], 0x2, &(0x7f0000000580)=[@txtime={{0x18, 0x1, 0x3d, 0x8000007}}, @timestamping={{0x14}}, @txtime={{0x18}}], 0x48}}], 0x1, 0x0)
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000002a40)=""/4112, 0x1010}], 0x1, 0x0, 0x0)

00:23:58 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0xc058534b, &(0x7f00000000c0)={0x82})

[  254.763432][   T25] audit: type=1326 audit(1622420638.196:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20089 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0
[  254.809713][ T1033]  loop2: p2 < > p3 p4
[  254.819092][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  254.835459][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  254.841868][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  254.884626][ T1033]  loop1: p2 < > p3 p4
[  254.888772][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  254.895731][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  254.901935][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  254.925052][ T1033]  loop2: p2 < > p3 p4
[  254.929251][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  254.935899][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  254.942066][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:59 executing program 3:
add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000003c0)={0x0, "8af435ed17abd69f4e05cb62a7d6842c758e6a7489cf5ac326fe6df447bfc647c927e2f9c4fee2cb0ff7afc8c55011e51bcae088945ec77c440cd700eaa3b60b"}, 0x48, 0x0)
add_key(0x0, 0x0, &(0x7f00000002c0)="d96ccd8088e5ad712e1f45002c368c75e95ad499ce0a07bf71dd5524b00a1446322be225b3690f6ec8ea4bd34fb7b0e8ac385aac89758706563b940552b01ac61fd178dfe5465ac97cc8e5919c1c8190e442822753710fddd6218a4f1cc311a0ee39aeacb9e27190780e45c6e7812a083fd255606ed9cb2faf9044402a3517bc03a458e00d1a9df40d5b2cd361a0286de51faec16992490a4e1cded0365bd4a86228", 0xa2, 0x0)
add_key(0x0, &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000240)='logon\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f0000000680)="17de5c1a761614d2c44356cce170958b2bed3b0e15203320209ae21726aea5a87b8f5e8ee44e9debbff18fd24f0a4792d614e373b006486b004941e6cb", 0x3d, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002500)=[{{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000000600)="e00ae718c4cb64ed6c24c264b550b86d8832542163873ed7880f57850f6797221e94116145d4a82e9a0fb546b03f9301c1809d4807d30ddf7b80facd96ffa0f73b5e75b1999037ecfab6028441d38ed4373fd5536dac663e098a22e37ef623d68f21ef739d83e19ca483073b85efc5d50e828cc4a2147f1e299bdfffaf9f4e6d", 0x80}], 0x1}}], 0x1, 0x0)
keyctl$update(0x2, 0x0, &(0x7f00000000c0)="09f916e2c924c26a7d4f26a1948985116025c510a121c2af84d4a3e323d198c80eb5d7155bb1bfdfb9dc1a7354e1519141efa067fd7b3c8f162b2a627d0119f4153234e658a79e7382332e56b6e62221baef10fb09d19706014252ddf359ab13a72a88378b65d8ac786f6b171900fa2779cbb365657d62c74d7165b0da3268ac0fc72e6ff660dd58e987d9fd5c0a35b4585f3a6d9d8587f421b388dc987b8c", 0x9f)
sendmmsg$sock(0xffffffffffffffff, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000440)="c0f5207ee74ad987524d395b52b5258adc9566983ae91361875485c578a84e52b914dabd8aad78ced512954eb1e66302f117ea55ee2a38c7ffdb8b2d4571ca663b92", 0x42}, {&(0x7f00000004c0)="b7fdffdeb06cc650c4a301f1257a27e86b1e09a0ab1d188f9208ffd881feb74acb4ecf80075a548fa795f6c84411585ce11c3f1f9c7e21512b6693667ac3a17a1eb15d9b43eccc5243c0de3ed6acd9ff2f9381d81353e97df9f6f3c74efeafcbdbbf22f29870d4e8d9c6cfca1bc587236818d35958478a122be8b4c9e2bfee769424ce7fdce38a13db02d3c3e8308e593781107776032c2f249e45ed2a10ea5dd720c3177cd6e407", 0xa8}], 0x2, &(0x7f0000000580)=[@txtime={{0x18, 0x1, 0x3d, 0x8000007}}, @timestamping={{0x14}}, @txtime={{0x18}}], 0x48}}], 0x1, 0x0)
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000002a40)=""/4112, 0x1010}], 0x1, 0x0, 0x0)

00:23:59 executing program 4:
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x104, 0x0, 0x0, 0x20000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0, 0xfffffffffffffe69}, {0x0}, {&(0x7f00000193c0)=""/102385, 0x6fe4}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x1e)

00:23:59 executing program 1:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)='configfs\x00', 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r0 = memfd_create(&(0x7f0000000140)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(\x00'/118, 0x0)
write(r0, &(0x7f00000004c0)='1', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
sendfile(r0, r0, &(0x7f0000000240), 0x463)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)

00:23:59 executing program 0:
r0 = syz_io_uring_setup(0x2f04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x40000000}], 0x1)

00:23:59 executing program 2:
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
poll(0x0, 0x0, 0x7f)

00:23:59 executing program 5:
r0 = openat(0xffffffffffffffff, &(0x7f0000001640)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1, 0x10, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{0x0}, {0x0}], 0x2, 0x0, 0x0)
mlock(&(0x7f0000fff000/0x1000)=nil, 0xffffffffdf000fff)

00:23:59 executing program 4:
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x104, 0x0, 0x0, 0x20000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0, 0xfffffffffffffe69}, {0x0}, {&(0x7f00000193c0)=""/102385, 0x6fe4}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x1e)

00:23:59 executing program 3:
add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000003c0)={0x0, "8af435ed17abd69f4e05cb62a7d6842c758e6a7489cf5ac326fe6df447bfc647c927e2f9c4fee2cb0ff7afc8c55011e51bcae088945ec77c440cd700eaa3b60b"}, 0x48, 0x0)
add_key(0x0, 0x0, &(0x7f00000002c0)="d96ccd8088e5ad712e1f45002c368c75e95ad499ce0a07bf71dd5524b00a1446322be225b3690f6ec8ea4bd34fb7b0e8ac385aac89758706563b940552b01ac61fd178dfe5465ac97cc8e5919c1c8190e442822753710fddd6218a4f1cc311a0ee39aeacb9e27190780e45c6e7812a083fd255606ed9cb2faf9044402a3517bc03a458e00d1a9df40d5b2cd361a0286de51faec16992490a4e1cded0365bd4a86228", 0xa2, 0x0)
add_key(0x0, &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000240)='logon\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f0000000680)="17de5c1a761614d2c44356cce170958b2bed3b0e15203320209ae21726aea5a87b8f5e8ee44e9debbff18fd24f0a4792d614e373b006486b004941e6cb", 0x3d, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002500)=[{{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000000600)="e00ae718c4cb64ed6c24c264b550b86d8832542163873ed7880f57850f6797221e94116145d4a82e9a0fb546b03f9301c1809d4807d30ddf7b80facd96ffa0f73b5e75b1999037ecfab6028441d38ed4373fd5536dac663e098a22e37ef623d68f21ef739d83e19ca483073b85efc5d50e828cc4a2147f1e299bdfffaf9f4e6d", 0x80}], 0x1}}], 0x1, 0x0)
keyctl$update(0x2, 0x0, &(0x7f00000000c0)="09f916e2c924c26a7d4f26a1948985116025c510a121c2af84d4a3e323d198c80eb5d7155bb1bfdfb9dc1a7354e1519141efa067fd7b3c8f162b2a627d0119f4153234e658a79e7382332e56b6e62221baef10fb09d19706014252ddf359ab13a72a88378b65d8ac786f6b171900fa2779cbb365657d62c74d7165b0da3268ac0fc72e6ff660dd58e987d9fd5c0a35b4585f3a6d9d8587f421b388dc987b8c", 0x9f)
sendmmsg$sock(0xffffffffffffffff, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000440)="c0f5207ee74ad987524d395b52b5258adc9566983ae91361875485c578a84e52b914dabd8aad78ced512954eb1e66302f117ea55ee2a38c7ffdb8b2d4571ca663b92", 0x42}, {&(0x7f00000004c0)="b7fdffdeb06cc650c4a301f1257a27e86b1e09a0ab1d188f9208ffd881feb74acb4ecf80075a548fa795f6c84411585ce11c3f1f9c7e21512b6693667ac3a17a1eb15d9b43eccc5243c0de3ed6acd9ff2f9381d81353e97df9f6f3c74efeafcbdbbf22f29870d4e8d9c6cfca1bc587236818d35958478a122be8b4c9e2bfee769424ce7fdce38a13db02d3c3e8308e593781107776032c2f249e45ed2a10ea5dd720c3177cd6e407", 0xa8}], 0x2, &(0x7f0000000580)=[@txtime={{0x18, 0x1, 0x3d, 0x8000007}}, @timestamping={{0x14}}, @txtime={{0x18}}], 0x48}}], 0x1, 0x0)
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000002a40)=""/4112, 0x1010}], 0x1, 0x0, 0x0)

[  255.604799][ T1033]  loop5: p2 < > p3 p4
[  255.608989][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  255.630447][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  255.636650][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:59 executing program 0:
r0 = syz_io_uring_setup(0x2f04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x40000000}], 0x1)

00:23:59 executing program 5:
r0 = openat(0xffffffffffffffff, &(0x7f0000001640)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1, 0x10, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{0x0}, {0x0}], 0x2, 0x0, 0x0)
mlock(&(0x7f0000fff000/0x1000)=nil, 0xffffffffdf000fff)

00:23:59 executing program 4:
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x104, 0x0, 0x0, 0x20000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0, 0xfffffffffffffe69}, {0x0}, {&(0x7f00000193c0)=""/102385, 0x6fe4}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x1e)

00:23:59 executing program 1:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)='configfs\x00', 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r0 = memfd_create(&(0x7f0000000140)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(\x00'/118, 0x0)
write(r0, &(0x7f00000004c0)='1', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
sendfile(r0, r0, &(0x7f0000000240), 0x463)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)

00:23:59 executing program 4:
r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x18}, 0x200)
io_uring_enter(r0, 0x418, 0x0, 0x0, 0x0, 0x0)

00:23:59 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = fork()
rt_sigqueueinfo(r1, 0x2a, &(0x7f0000000540)={0x0, 0x0, 0xffdffffe})
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f0000000040)=""/247, 0xf7}], 0x2, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff2e}], 0x8, 0x0)

00:23:59 executing program 0:
r0 = syz_io_uring_setup(0x2f04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x40000000}], 0x1)

[  255.783893][ T1033]  loop5: p2 < > p3 p4
00:23:59 executing program 2:
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
poll(0x0, 0x0, 0x7f)

00:23:59 executing program 5:
r0 = openat(0xffffffffffffffff, &(0x7f0000001640)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1, 0x10, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{0x0}, {0x0}], 0x2, 0x0, 0x0)
mlock(&(0x7f0000fff000/0x1000)=nil, 0xffffffffdf000fff)

00:23:59 executing program 0:
r0 = syz_io_uring_setup(0x2f04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x40000000}], 0x1)

00:23:59 executing program 4:
r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x18}, 0x200)
io_uring_enter(r0, 0x418, 0x0, 0x0, 0x0, 0x0)

[  255.810191][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  255.836167][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  255.842513][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:59 executing program 5:
r0 = openat(0xffffffffffffffff, &(0x7f0000001640)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1, 0x10, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{0x0}, {0x0}], 0x2, 0x0, 0x0)
mlock(&(0x7f0000fff000/0x1000)=nil, 0xffffffffdf000fff)

00:23:59 executing program 4:
r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x18}, 0x200)
io_uring_enter(r0, 0x418, 0x0, 0x0, 0x0, 0x0)

00:23:59 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = fork()
rt_sigqueueinfo(r1, 0x2a, &(0x7f0000000540)={0x0, 0x0, 0xffdffffe})
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f0000000040)=""/247, 0xf7}], 0x2, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff2e}], 0x8, 0x0)

00:23:59 executing program 1:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)='configfs\x00', 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r0 = memfd_create(&(0x7f0000000140)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(\x00'/118, 0x0)
write(r0, &(0x7f00000004c0)='1', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
sendfile(r0, r0, &(0x7f0000000240), 0x463)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)

00:23:59 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x8)
ptrace$cont(0x18, r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x18, r0, 0x0, 0x0)

[  255.917598][ T1033]  loop1: p2 < > p3 p4
[  255.930001][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  255.953664][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  255.959909][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:23:59 executing program 2:
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
poll(0x0, 0x0, 0x7f)

00:23:59 executing program 4:
r0 = syz_io_uring_setup(0x2de5, &(0x7f0000000000), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, 0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x18}, 0x200)
io_uring_enter(r0, 0x418, 0x0, 0x0, 0x0, 0x0)

00:23:59 executing program 5:
r0 = semget$private(0x0, 0x6, 0x0)
unshare(0x20040400)
semtimedop(r0, &(0x7f0000000280)=[{0x0, 0x8001, 0x1000}], 0x1, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040))

[  256.047310][ T1033]  loop2: p2 < > p3 p4
00:23:59 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x8)
ptrace$cont(0x18, r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x18, r0, 0x0, 0x0)

00:23:59 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = fork()
rt_sigqueueinfo(r1, 0x2a, &(0x7f0000000540)={0x0, 0x0, 0xffdffffe})
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f0000000040)=""/247, 0xf7}], 0x2, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff2e}], 0x8, 0x0)

00:23:59 executing program 4:
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000180)="1c0000002200", 0x6)
splice(r0, 0x0, r1, 0x0, 0x10000, 0x0)

[  256.070124][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  256.088393][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  256.095217][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:23:59 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
dup2(r2, r0)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x453, 0x0, 0x0, 0x0, "f3"}, 0x14}}, 0x0)

00:23:59 executing program 4:
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000180)="1c0000002200", 0x6)
splice(r0, 0x0, r1, 0x0, 0x10000, 0x0)

00:23:59 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x5, 0xff, 0x5, 0x1, 0x2, 0x8})

[  256.171814][ T1033]  loop5: p2 < > p3 p4
[  256.174098][   T25] audit: type=1107 audit(1622420639.606:341): pid=20240 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='óÁ'
[  256.184943][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  256.211806][ T1033] loop5: p3 start 225 is beyond EOD, truncated
00:23:59 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
dup2(r2, r0)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x453, 0x0, 0x0, 0x0, "f3"}, 0x14}}, 0x0)

00:23:59 executing program 4:
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000180)="1c0000002200", 0x6)
splice(r0, 0x0, r1, 0x0, 0x10000, 0x0)

00:23:59 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x5, 0xff, 0x5, 0x1, 0x2, 0x8})

[  256.215525][   T25] audit: type=1107 audit(1622420639.636:342): pid=20240 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='óÁ'
[  256.218039][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:23:59 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = fork()
rt_sigqueueinfo(r1, 0x2a, &(0x7f0000000540)={0x0, 0x0, 0xffdffffe})
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f0000000040)=""/247, 0xf7}], 0x2, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff2e}], 0x8, 0x0)

00:23:59 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
dup2(r2, r0)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x453, 0x0, 0x0, 0x0, "f3"}, 0x14}}, 0x0)

[  256.283472][   T25] audit: type=1107 audit(1622420639.716:343): pid=20253 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='óÁ'
[  256.318177][ T1033]  loop1: p2 < > p3 p4
[  256.322575][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  256.325362][   T25] audit: type=1107 audit(1622420639.756:344): pid=20262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='óÁ'
[  256.330733][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  256.349299][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  256.366243][ T1033]  loop2: p2 < > p3 p4
[  256.370897][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  256.377655][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  256.383871][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  256.404186][ T1033]  loop5: p2 < > p3 p4
[  256.410544][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  256.417486][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  256.423930][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  256.453346][ T1033]  loop1: p2 < > p3 p4
[  256.457704][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  256.464549][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  256.470749][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  256.488861][ T1033]  loop2: p2 < > p3 p4
[  256.492988][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  256.499956][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  256.506114][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  256.522121][ T1033]  loop2: p2 < > p3 p4
[  256.526287][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  256.532858][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  256.539165][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  256.562865][ T1033]  loop2: p2 < > p3 p4
[  256.567011][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  256.573740][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  256.579925][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:00 executing program 5:
r0 = semget$private(0x0, 0x6, 0x0)
unshare(0x20040400)
semtimedop(r0, &(0x7f0000000280)=[{0x0, 0x8001, 0x1000}], 0x1, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040))

[  256.976008][ T1033]  loop5: p2 < > p3 p4
[  256.980197][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  256.986951][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  256.993364][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  257.824685][ T1033]  loop5: p2 < > p3 p4
[  257.828895][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  257.835433][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  257.841845][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:02 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x5, 0xff, 0x5, 0x1, 0x2, 0x8})

00:24:02 executing program 5:
r0 = semget$private(0x0, 0x6, 0x0)
unshare(0x20040400)
semtimedop(r0, &(0x7f0000000280)=[{0x0, 0x8001, 0x1000}], 0x1, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040))

00:24:02 executing program 4:
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r1)
socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000180)="1c0000002200", 0x6)
splice(r0, 0x0, r1, 0x0, 0x10000, 0x0)

00:24:02 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
dup2(r2, r0)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x453, 0x0, 0x0, 0x0, "f3"}, 0x14}}, 0x0)

00:24:02 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x8)
ptrace$cont(0x18, r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x18, r0, 0x0, 0x0)

00:24:02 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0003}]})
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000440)="c4c691019919da"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:02 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0003}]})
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000440)="c4c691019919da"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:02 executing program 4:
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), &(0x7f0000000400)={0x0})

[  259.143681][   T25] audit: type=1326 audit(1622420642.577:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20336 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
00:24:02 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0003}]})
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000440)="c4c691019919da"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:02 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b5b383b000700000b000000000000005d"], 0xdd)

00:24:02 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x5, 0xff, 0x5, 0x1, 0x2, 0x8})

00:24:02 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x24}, {0x4}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000006340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

[  259.246474][ T1033]  loop1: p2 < > p3 p4
[  259.251193][   T25] audit: type=1326 audit(1622420642.577:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20336 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000
[  259.253626][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  259.284435][ T1033] loop1: p3 start 225 is beyond EOD, truncated
00:24:02 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x24}, {0x4}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000006340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

[  259.290664][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  259.309195][ T1033]  loop2: p2 < > p3 p4
[  259.311497][   T25] audit: type=1326 audit(1622420642.577:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20336 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  259.315892][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  259.352786][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  259.355190][   T25] audit: type=1326 audit(1622420642.577:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20336 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000
[  259.358991][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  259.383577][   T25] audit: type=1326 audit(1622420642.577:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20336 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  259.411304][ T1033]  loop1: p2 < > p3 p4
[  259.419627][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  259.426304][   T25] audit: type=1326 audit(1622420642.577:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20336 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=1 compat=0 ip=0x4665d9 code=0x7ffc0000
[  259.433649][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  259.450368][   T25] audit: type=1326 audit(1622420642.577:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20336 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  259.456259][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  259.470667][ T1033]  loop2: p2 < > p3 p4
[  259.480673][   T25] audit: type=1326 audit(1622420642.577:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20336 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000
[  259.492026][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  259.515663][   T25] audit: type=1326 audit(1622420642.577:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20339 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  259.522637][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  259.547630][   T25] audit: type=1326 audit(1622420642.577:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20339 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000
[  259.552191][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  260.027875][ T1033]  loop5: p2 < > p3 p4
[  260.032138][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  260.039022][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  260.045177][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:05 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b5b383b000700000b000000000000005d"], 0xdd)

00:24:05 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x8)
ptrace$cont(0x18, r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x18, r0, 0x0, 0x0)

00:24:05 executing program 5:
r0 = semget$private(0x0, 0x6, 0x0)
unshare(0x20040400)
semtimedop(r0, &(0x7f0000000280)=[{0x0, 0x8001, 0x1000}], 0x1, 0x0)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040))

00:24:05 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x24}, {0x4}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000006340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

00:24:05 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0003}]})
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000440)="c4c691019919da"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000040)={'raw\x00', 0x4, "382e83da"}, &(0x7f0000000140)=0x28)

00:24:05 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x24}, {0x4}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000006340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

00:24:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000040)={'raw\x00', 0x4, "382e83da"}, &(0x7f0000000140)=0x28)

00:24:05 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b5b383b000700000b000000000000005d"], 0xdd)

00:24:05 executing program 3:
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x200000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

00:24:05 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000040)={'raw\x00', 0x4, "382e83da"}, &(0x7f0000000140)=0x28)

00:24:05 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
timer_create(0x9, 0x0, &(0x7f0000000040))
timer_gettime(0x0, &(0x7f0000001240))

[  262.252781][ T1033]  loop2: p2 < > p3 p4
[  262.257041][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  262.269514][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  262.275706][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  262.313466][ T1033]  loop1: p2 < > p3 p4
[  262.321985][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  262.329398][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  262.335566][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  262.361692][ T1033]  loop2: p2 < > p3 p4
[  262.365862][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  262.372748][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  262.378936][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  262.406007][ T1033]  loop2: p2 < > p3 p4
[  262.410202][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  262.416856][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  262.423105][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  262.438856][ T1033]  loop1: p2 < > p3 p4
[  262.443222][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  262.450737][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  262.456938][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  263.058404][ T1033]  loop5: p2 < > p3 p4
[  263.062564][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  263.069194][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  263.075344][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:08 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b5b383b000700000b000000000000005d"], 0xdd)

00:24:08 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e71b0fb1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef2308003ea1315b9532f3af2f5e153eb78020fa00eb298802d8f6c1f3b18d6d352507f7018b31a53bad1ec3533c791a753a1fef2c5600bd9b74ab3d412f5e9e99be7b9b3811e701000000000000fb8005128e7e4d939955f8ac396203784000400f573fbf000000000000000761f35e959f130dec95128ce7ec033dc0a380543bfc99320be1c1bb99bb063fb66f2d696569eada31b09fbd15f0332701d9d14a3f3109d666578cc0266bce7860eaaf305a0ee2af0f82dfefd5e00d421b000000000000000000000000000000730428fde6136b8e97c32a552841516ab78c83f85cfe873f70957000dac653b3b313d8000000000000007f05470dad528d3b41", 0x12e}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:24:08 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000040)={'raw\x00', 0x4, "382e83da"}, &(0x7f0000000140)=0x28)

00:24:08 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
timer_create(0x9, 0x0, &(0x7f0000000040))
timer_gettime(0x0, &(0x7f0000001240))

00:24:08 executing program 5:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

00:24:08 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x29, 0x0, 0xfffffffffffffffe, 0x4)

00:24:08 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x29, 0x0, 0xfffffffffffffffe, 0x4)

00:24:08 executing program 2:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = creat(&(0x7f0000000000)='./file0/file1\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0), 0xd4ba0ff)
getpid()
rename(&(0x7f0000000080)='./file0/file1\x00', &(0x7f0000000180)='./file1\x00')
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file1\x00')

00:24:08 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
read$char_raw(r1, &(0x7f0000000400)={""/53017}, 0xd000)

00:24:08 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e71b0fb1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef2308003ea1315b9532f3af2f5e153eb78020fa00eb298802d8f6c1f3b18d6d352507f7018b31a53bad1ec3533c791a753a1fef2c5600bd9b74ab3d412f5e9e99be7b9b3811e701000000000000fb8005128e7e4d939955f8ac396203784000400f573fbf000000000000000761f35e959f130dec95128ce7ec033dc0a380543bfc99320be1c1bb99bb063fb66f2d696569eada31b09fbd15f0332701d9d14a3f3109d666578cc0266bce7860eaaf305a0ee2af0f82dfefd5e00d421b000000000000000000000000000000730428fde6136b8e97c32a552841516ab78c83f85cfe873f70957000dac653b3b313d8000000000000007f05470dad528d3b41", 0x12e}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:24:08 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
timer_create(0x9, 0x0, &(0x7f0000000040))
timer_gettime(0x0, &(0x7f0000001240))

00:24:08 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x29, 0x0, 0xfffffffffffffffe, 0x4)

00:24:08 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
timer_create(0x9, 0x0, &(0x7f0000000040))
timer_gettime(0x0, &(0x7f0000001240))

[  265.289659][ T1033]  loop2: p2 < > p3 p4
[  265.302618][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  265.325402][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  265.331658][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:08 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
read$char_raw(r1, &(0x7f0000000400)={""/53017}, 0xd000)

00:24:08 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x29, 0x0, 0xfffffffffffffffe, 0x4)

00:24:08 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e71b0fb1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef2308003ea1315b9532f3af2f5e153eb78020fa00eb298802d8f6c1f3b18d6d352507f7018b31a53bad1ec3533c791a753a1fef2c5600bd9b74ab3d412f5e9e99be7b9b3811e701000000000000fb8005128e7e4d939955f8ac396203784000400f573fbf000000000000000761f35e959f130dec95128ce7ec033dc0a380543bfc99320be1c1bb99bb063fb66f2d696569eada31b09fbd15f0332701d9d14a3f3109d666578cc0266bce7860eaaf305a0ee2af0f82dfefd5e00d421b000000000000000000000000000000730428fde6136b8e97c32a552841516ab78c83f85cfe873f70957000dac653b3b313d8000000000000007f05470dad528d3b41", 0x12e}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

[  265.407763][ T1033]  loop1: p2 < > p3 p4
[  265.420415][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  265.434856][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  265.441058][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  265.473720][ T1033]  loop1: p2 < > p3 p4
[  265.477993][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  265.485198][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  265.491402][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  265.540727][ T1033]  loop1: p2 < > p3 p4
[  265.545277][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  265.552712][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  265.558916][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  265.656405][ T1033]  loop2: p2 < > p3 p4
[  265.660556][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  265.667169][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  265.673342][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:09 executing program 5:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

00:24:09 executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000d3f4655fd4f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02000000030000000400000066000f", 0xf, 0x800}, {&(0x7f0000010400)="ffffff03000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x802, 0x1000}, {&(0x7f0000011500)="ed41000000080000d3f4655fd3f4655fd3f4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000000080)=ANY=[])
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/../file0\x00', 0x419e02, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000780)="c3", 0x1}], 0x1, 0x0, 0x0)

00:24:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
read$char_raw(r1, &(0x7f0000000400)={""/53017}, 0xd000)

00:24:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000e80)=[{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}], 0x20}], 0x3, 0x0)

00:24:09 executing program 3:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e71b0fb1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef2308003ea1315b9532f3af2f5e153eb78020fa00eb298802d8f6c1f3b18d6d352507f7018b31a53bad1ec3533c791a753a1fef2c5600bd9b74ab3d412f5e9e99be7b9b3811e701000000000000fb8005128e7e4d939955f8ac396203784000400f573fbf000000000000000761f35e959f130dec95128ce7ec033dc0a380543bfc99320be1c1bb99bb063fb66f2d696569eada31b09fbd15f0332701d9d14a3f3109d666578cc0266bce7860eaaf305a0ee2af0f82dfefd5e00d421b000000000000000000000000000000730428fde6136b8e97c32a552841516ab78c83f85cfe873f70957000dac653b3b313d8000000000000007f05470dad528d3b41", 0x12e}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:24:09 executing program 2:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = creat(&(0x7f0000000000)='./file0/file1\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0), 0xd4ba0ff)
getpid()
rename(&(0x7f0000000080)='./file0/file1\x00', &(0x7f0000000180)='./file1\x00')
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file1\x00')

00:24:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000e80)=[{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}], 0x20}], 0x3, 0x0)

[  266.158060][ T1033]  loop5: p2 < > p3 p4
[  266.162539][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  266.175684][T20588] loop0: detected capacity change from 0 to 512
[  266.182132][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  266.188353][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
read$char_raw(r1, &(0x7f0000000400)={""/53017}, 0xd000)

00:24:09 executing program 3:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

00:24:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000e80)=[{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}], 0x20}], 0x3, 0x0)

00:24:09 executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000d3f4655fd4f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02000000030000000400000066000f", 0xf, 0x800}, {&(0x7f0000010400)="ffffff03000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x802, 0x1000}, {&(0x7f0000011500)="ed41000000080000d3f4655fd3f4655fd3f4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000000080)=ANY=[])
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/../file0\x00', 0x419e02, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000780)="c3", 0x1}], 0x1, 0x0, 0x0)

00:24:09 executing program 1:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

[  266.259663][T20588] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  266.277501][ T1033]  loop1: p2 < > p3 p4
[  266.283225][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  266.295454][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  266.301675][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  266.384685][ T1033]  loop1: p2 < > p3 p4
[  266.389145][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  266.391492][T20635] loop0: detected capacity change from 0 to 512
[  266.402112][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  266.408316][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  266.416992][T20635] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  266.562598][ T1033]  loop2: p2 < > p3 p4
[  266.566937][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  266.573671][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  266.579898][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:10 executing program 5:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

00:24:10 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000e80)=[{0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}], 0x20}], 0x3, 0x0)

00:24:10 executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000d3f4655fd4f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02000000030000000400000066000f", 0xf, 0x800}, {&(0x7f0000010400)="ffffff03000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x802, 0x1000}, {&(0x7f0000011500)="ed41000000080000d3f4655fd3f4655fd3f4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000000080)=ANY=[])
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/../file0\x00', 0x419e02, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000780)="c3", 0x1}], 0x1, 0x0, 0x0)

00:24:10 executing program 2:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = creat(&(0x7f0000000000)='./file0/file1\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0), 0xd4ba0ff)
getpid()
rename(&(0x7f0000000080)='./file0/file1\x00', &(0x7f0000000180)='./file1\x00')
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file1\x00')

00:24:10 executing program 4:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = creat(&(0x7f0000000000)='./file0/file1\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0), 0xd4ba0ff)
getpid()
rename(&(0x7f0000000080)='./file0/file1\x00', &(0x7f0000000180)='./file1\x00')
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file1\x00')

[  267.086371][ T1033]  loop5: p2 < > p3 p4
[  267.090861][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  267.103293][T20667] loop0: detected capacity change from 0 to 512
[  267.111346][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  267.117561][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:10 executing program 3:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

[  267.141366][T20667] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
00:24:10 executing program 1:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

00:24:10 executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f000000000000000100000001000000004000000040000020000000d3f4655fd4f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010300)="02000000030000000400000066000f", 0xf, 0x800}, {&(0x7f0000010400)="ffffff03000000000000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x802, 0x1000}, {&(0x7f0000011500)="ed41000000080000d3f4655fd3f4655fd3f4655f000000000000040004", 0x1d, 0x2200}], 0x0, &(0x7f0000000080)=ANY=[])
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/../file0\x00', 0x419e02, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000780)="c3", 0x1}], 0x1, 0x0, 0x0)

[  267.287607][ T1033]  loop1: p2 < > p3 p4
[  267.298301][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  267.313595][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  267.319798][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  267.327082][T20702] loop0: detected capacity change from 0 to 512
[  267.389824][T20702] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
00:24:10 executing program 2:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = creat(&(0x7f0000000000)='./file0/file1\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0), 0xd4ba0ff)
getpid()
rename(&(0x7f0000000080)='./file0/file1\x00', &(0x7f0000000180)='./file1\x00')
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file1\x00')

00:24:10 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)

00:24:10 executing program 4:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = creat(&(0x7f0000000000)='./file0/file1\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0), 0xd4ba0ff)
getpid()
rename(&(0x7f0000000080)='./file0/file1\x00', &(0x7f0000000180)='./file1\x00')
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file1\x00')

00:24:11 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)

[  267.511957][ T1033]  loop2: p2 < > p3 p4
[  267.516277][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  267.533688][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  267.539932][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  267.827035][ T1033]  loop2: p2 < > p3 p4
[  267.831209][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  267.838528][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  267.844702][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:11 executing program 5:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

00:24:11 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)

00:24:11 executing program 2:
r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
read(r1, &(0x7f0000000780)=""/101, 0x65)

00:24:11 executing program 4:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = creat(&(0x7f0000000000)='./file0/file1\x00', 0x0)
write$cgroup_type(r0, &(0x7f00000009c0), 0xd4ba0ff)
getpid()
rename(&(0x7f0000000080)='./file0/file1\x00', &(0x7f0000000180)='./file1\x00')
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file1\x00')

00:24:11 executing program 3:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

00:24:11 executing program 2:
r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
read(r1, &(0x7f0000000780)=""/101, 0x65)

00:24:11 executing program 1:
r0 = semget$private(0x0, 0x20000000102, 0x0)
semop(r0, &(0x7f0000000040)=[{0x3, 0x6}, {0x3}], 0x2)
semop(r0, &(0x7f0000000000)=[{0x0, 0xff0b}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fork()
semop(r0, &(0x7f00000000c0)=[{0x0, 0x7fff}], 0x1)

[  268.000147][ T1033]  loop5: p2 < > p3 p4
[  268.004363][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  268.034916][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  268.041180][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:11 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)

00:24:11 executing program 2:
r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
read(r1, &(0x7f0000000780)=""/101, 0x65)

00:24:11 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000bc0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x0)

00:24:11 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000300), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0xb0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSLVLLST={0x84, 0x8, 0x0, 0x1, [{0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x9effffff}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0xff09}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}]}, 0xb0}}, 0x0)

[  268.135943][ T1033]  loop2: p2 < > p3 p4
[  268.144096][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  268.151076][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  268.157255][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:11 executing program 2:
r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
read(r1, &(0x7f0000000780)=""/101, 0x65)

[  268.191066][ T1033]  loop1: p2 < > p3 p4
[  268.205918][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  268.213306][T20794] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  268.222420][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  268.228784][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  268.276224][ T1033]  loop2: p2 < > p3 p4
[  268.280697][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  268.290295][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  268.296482][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  268.326352][ T1033]  loop2: p2 < > p3 p4
[  268.330612][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  268.337867][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  268.344137][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  268.374000][ T1033]  loop2: p2 < > p3 p4
[  268.378168][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  268.384774][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  268.390974][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:12 executing program 1:
r0 = syz_io_uring_setup(0x7dbf, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r0, 0x0}, 0x0)
io_uring_enter(r0, 0x393c, 0x0, 0x0, 0x0, 0x0)

00:24:12 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000300), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0xb0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSLVLLST={0x84, 0x8, 0x0, 0x1, [{0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x9effffff}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0xff09}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}]}, 0xb0}}, 0x0)

00:24:12 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x45, 0xda1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7ff00000}]})
syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f0000ee6000/0x4000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000001a80))

00:24:12 executing program 4:
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='mqueue\x00', &(0x7f0000000140)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)='ppp1[\x00', &(0x7f00000004c0)='\x15\xcc\x10\xddu\xfe\x7f\xcb\f\xc6\xc1^N\xec\x95\xa5\x9a~\x8f\xba[\xaeC(\xbf\xf31\xee\x00\xfc\xd4\xc2\x7f\xb9\x8f\x94k\x85n\x9f\x1e\xf7\xee\xb7\x00\x8bg$?OM+\x9d\x1f\x05\xf4\x8d%\xf6\xb5l\x8f\xaf<\xef\"V\x9f\xde\xf5\xa6\xe8\xa0\x99R}\xa9\x83\xd9\xe2\xfa}\xaf\xf3\xc0\xd0\x81to\xe9k4U1\xea\xa3\xa2F\x01\xf2$\xd8\xea\xe0 I\xa8\xd4\nYp\x9c-P\x90\xea?o\xc4\x17]cW\xd5\xa9Y\x8d\xffp\x9a\n;\xb8\xf1)e\x7f\xc8G\x8dv\xfb\xe3\x03\x10WV\xfa\xed\xb7\xee\x1eW\xc7\xbc\xe3S\x97\x00'/171, 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000300)='.vboxnet0^keyring,%\x00', &(0x7f0000000480)='selinuxwlan0eth1+md5sum\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000340)='&em0wlan1-\x00', &(0x7f0000000380)='bdevtrusted\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000001c0)='/dev/audio\x00', &(0x7f0000000200)='/dev/audio\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000400)='\xc8:,#\x00', &(0x7f00000005c0)='./file0\x00', 0xffffffffffffff9c)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='!-]F^\x00', &(0x7f0000000280)='i-\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='ppp1[\x00', &(0x7f0000000080)='/dev/audio\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x4, &(0x7f00000000c0)='\x00', &(0x7f0000000600), 0x0)

00:24:12 executing program 3:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000000))

00:24:12 executing program 5:
unshare(0x6c060000)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={'filter\x00', 0x2, [{}, {}]}, 0x48)

[  268.958056][ T1033]  loop1: p2 < > p3 p4
[  268.962287][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  268.977602][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  268.983803][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:12 executing program 4:
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='mqueue\x00', &(0x7f0000000140)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)='ppp1[\x00', &(0x7f00000004c0)='\x15\xcc\x10\xddu\xfe\x7f\xcb\f\xc6\xc1^N\xec\x95\xa5\x9a~\x8f\xba[\xaeC(\xbf\xf31\xee\x00\xfc\xd4\xc2\x7f\xb9\x8f\x94k\x85n\x9f\x1e\xf7\xee\xb7\x00\x8bg$?OM+\x9d\x1f\x05\xf4\x8d%\xf6\xb5l\x8f\xaf<\xef\"V\x9f\xde\xf5\xa6\xe8\xa0\x99R}\xa9\x83\xd9\xe2\xfa}\xaf\xf3\xc0\xd0\x81to\xe9k4U1\xea\xa3\xa2F\x01\xf2$\xd8\xea\xe0 I\xa8\xd4\nYp\x9c-P\x90\xea?o\xc4\x17]cW\xd5\xa9Y\x8d\xffp\x9a\n;\xb8\xf1)e\x7f\xc8G\x8dv\xfb\xe3\x03\x10WV\xfa\xed\xb7\xee\x1eW\xc7\xbc\xe3S\x97\x00'/171, 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000300)='.vboxnet0^keyring,%\x00', &(0x7f0000000480)='selinuxwlan0eth1+md5sum\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000340)='&em0wlan1-\x00', &(0x7f0000000380)='bdevtrusted\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000001c0)='/dev/audio\x00', &(0x7f0000000200)='/dev/audio\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000400)='\xc8:,#\x00', &(0x7f00000005c0)='./file0\x00', 0xffffffffffffff9c)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='!-]F^\x00', &(0x7f0000000280)='i-\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='ppp1[\x00', &(0x7f0000000080)='/dev/audio\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x4, &(0x7f00000000c0)='\x00', &(0x7f0000000600), 0x0)

00:24:12 executing program 3:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000000))

[  269.015921][T20846] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
00:24:12 executing program 1:
r0 = syz_io_uring_setup(0x7dbf, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r0, 0x0}, 0x0)
io_uring_enter(r0, 0x393c, 0x0, 0x0, 0x0, 0x0)

00:24:12 executing program 5:
unshare(0x6c060000)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={'filter\x00', 0x2, [{}, {}]}, 0x48)

00:24:12 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000300), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0xb0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSLVLLST={0x84, 0x8, 0x0, 0x1, [{0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x9effffff}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0xff09}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}]}, 0xb0}}, 0x0)

00:24:12 executing program 4:
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='mqueue\x00', &(0x7f0000000140)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)='ppp1[\x00', &(0x7f00000004c0)='\x15\xcc\x10\xddu\xfe\x7f\xcb\f\xc6\xc1^N\xec\x95\xa5\x9a~\x8f\xba[\xaeC(\xbf\xf31\xee\x00\xfc\xd4\xc2\x7f\xb9\x8f\x94k\x85n\x9f\x1e\xf7\xee\xb7\x00\x8bg$?OM+\x9d\x1f\x05\xf4\x8d%\xf6\xb5l\x8f\xaf<\xef\"V\x9f\xde\xf5\xa6\xe8\xa0\x99R}\xa9\x83\xd9\xe2\xfa}\xaf\xf3\xc0\xd0\x81to\xe9k4U1\xea\xa3\xa2F\x01\xf2$\xd8\xea\xe0 I\xa8\xd4\nYp\x9c-P\x90\xea?o\xc4\x17]cW\xd5\xa9Y\x8d\xffp\x9a\n;\xb8\xf1)e\x7f\xc8G\x8dv\xfb\xe3\x03\x10WV\xfa\xed\xb7\xee\x1eW\xc7\xbc\xe3S\x97\x00'/171, 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000300)='.vboxnet0^keyring,%\x00', &(0x7f0000000480)='selinuxwlan0eth1+md5sum\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000340)='&em0wlan1-\x00', &(0x7f0000000380)='bdevtrusted\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000001c0)='/dev/audio\x00', &(0x7f0000000200)='/dev/audio\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000400)='\xc8:,#\x00', &(0x7f00000005c0)='./file0\x00', 0xffffffffffffff9c)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='!-]F^\x00', &(0x7f0000000280)='i-\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='ppp1[\x00', &(0x7f0000000080)='/dev/audio\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x4, &(0x7f00000000c0)='\x00', &(0x7f0000000600), 0x0)

[  269.094776][ T1033]  loop5: p2 < > p3 p4
[  269.112076][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:24:12 executing program 5:
unshare(0x6c060000)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={'filter\x00', 0x2, [{}, {}]}, 0x48)

00:24:12 executing program 3:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000000))

00:24:12 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x45, 0xda1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7ff00000}]})
syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f0000ee6000/0x4000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000001a80))

00:24:12 executing program 1:
r0 = syz_io_uring_setup(0x7dbf, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r0, 0x0}, 0x0)
io_uring_enter(r0, 0x393c, 0x0, 0x0, 0x0, 0x0)

00:24:12 executing program 4:
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='mqueue\x00', &(0x7f0000000140)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)='ppp1[\x00', &(0x7f00000004c0)='\x15\xcc\x10\xddu\xfe\x7f\xcb\f\xc6\xc1^N\xec\x95\xa5\x9a~\x8f\xba[\xaeC(\xbf\xf31\xee\x00\xfc\xd4\xc2\x7f\xb9\x8f\x94k\x85n\x9f\x1e\xf7\xee\xb7\x00\x8bg$?OM+\x9d\x1f\x05\xf4\x8d%\xf6\xb5l\x8f\xaf<\xef\"V\x9f\xde\xf5\xa6\xe8\xa0\x99R}\xa9\x83\xd9\xe2\xfa}\xaf\xf3\xc0\xd0\x81to\xe9k4U1\xea\xa3\xa2F\x01\xf2$\xd8\xea\xe0 I\xa8\xd4\nYp\x9c-P\x90\xea?o\xc4\x17]cW\xd5\xa9Y\x8d\xffp\x9a\n;\xb8\xf1)e\x7f\xc8G\x8dv\xfb\xe3\x03\x10WV\xfa\xed\xb7\xee\x1eW\xc7\xbc\xe3S\x97\x00'/171, 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000300)='.vboxnet0^keyring,%\x00', &(0x7f0000000480)='selinuxwlan0eth1+md5sum\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000340)='&em0wlan1-\x00', &(0x7f0000000380)='bdevtrusted\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000001c0)='/dev/audio\x00', &(0x7f0000000200)='/dev/audio\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000400)='\xc8:,#\x00', &(0x7f00000005c0)='./file0\x00', 0xffffffffffffff9c)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='!-]F^\x00', &(0x7f0000000280)='i-\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='ppp1[\x00', &(0x7f0000000080)='/dev/audio\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x4, &(0x7f00000000c0)='\x00', &(0x7f0000000600), 0x0)

[  269.144847][T20869] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
[  269.164053][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  269.170270][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:12 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000300), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0xb0, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSLVLLST={0x84, 0x8, 0x0, 0x1, [{0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x9effffff}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0xff09}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}]}, 0xb0}}, 0x0)

00:24:12 executing program 3:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000000))

00:24:12 executing program 1:
r0 = syz_io_uring_setup(0x7dbf, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f0000ee8000/0x4000)=nil, &(0x7f0000ee9000/0x4000)=nil, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r0, 0x0}, 0x0)
io_uring_enter(r0, 0x393c, 0x0, 0x0, 0x0, 0x0)

00:24:12 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/timer\x00', 0x0, 0x0)
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/187, 0xbb}], 0x1, 0x0, 0x0)

00:24:12 executing program 5:
unshare(0x6c060000)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={'filter\x00', 0x2, [{}, {}]}, 0x48)

[  269.257200][T20890] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.0'.
00:24:12 executing program 0:
pipe2(&(0x7f0000001580)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$snapshot(r0, &(0x7f0000001700)='~', 0x20001701)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100))

00:24:12 executing program 1:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000d6f4655fd6f4655f0100ffff53ef010001000000d5f4655f000000000000000001000000000000000b0000000001000018000000c28500002b02", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000028305c8a835f4f4da440baa59e2884cb010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000050040", 0x29, 0x540}, {&(0x7f0000010300)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012500)="ed41000000100000d5f4655fd6f4655fd6f4655f000000000000040080", 0x1d, 0x4100}, {&(0x7f0000000040)="000000000000159175", 0x9, 0x4180}, {&(0x7f0000013400)="504d4d00504d4dff", 0x8, 0x40000}], 0x0, &(0x7f0000013a00))

00:24:12 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/timer\x00', 0x0, 0x0)
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/187, 0xbb}], 0x1, 0x0, 0x0)

00:24:12 executing program 3:
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0xb, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x1c)

[  269.311977][ T1033]  loop5: p2 < > p3 p4
[  269.329446][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  269.337122][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  269.343329][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:12 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x45, 0xda1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7ff00000}]})
syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f0000ee6000/0x4000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000001a80))

00:24:12 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f0000000200)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x0)
ptrace$cont(0x1f, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000000)='./file1\x00')
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c", 0x22b)
sendfile(r0, r1, 0x0, 0x1c500)

00:24:12 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/timer\x00', 0x0, 0x0)
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/187, 0xbb}], 0x1, 0x0, 0x0)

00:24:12 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x2)
getsockopt$inet6_opts(r1, 0x29, 0x18, 0x0, &(0x7f00000014c0))

00:24:12 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/timer\x00', 0x0, 0x0)
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/187, 0xbb}], 0x1, 0x0, 0x0)

[  269.466409][ T1033]  loop1: p2 < > p3 p4
00:24:12 executing program 3:
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0xb, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x1c)

00:24:12 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x2)
getsockopt$inet6_opts(r1, 0x29, 0x18, 0x0, &(0x7f00000014c0))

00:24:13 executing program 4:
clone3(&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000002080), 0x400000000000014b}, 0x85)

[  269.492908][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  269.518923][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  269.525115][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  269.598726][ T1033]  loop1: p2 < > p3 p4
[  269.603165][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  269.610592][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  269.616802][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  269.635340][ T1033]  loop2: p2 < > p3 p4
[  269.639537][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  269.646094][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  269.652291][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  269.672551][ T1033]  loop5: p2 < > p3 p4
[  269.677555][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  269.684664][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  269.690934][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  269.712986][ T1033]  loop1: p2 < > p3 p4
[  269.717094][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  269.724366][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  269.730696][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  269.763949][ T1033]  loop2: p2 < > p3 p4
[  269.768115][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  269.774816][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  269.781011][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  269.798488][ T1033]  loop2: p2 < > p3 p4
[  269.802624][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  269.809754][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  269.816032][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  270.059290][ T1033]  loop1: p2 < > p3 p4
[  270.063439][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  270.070652][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  270.076900][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  270.098584][ T1033]  loop1: p2 < > p3 p4
[  270.102716][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  270.109543][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  270.115731][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:13 executing program 0:
pipe2(&(0x7f0000001580)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$snapshot(r0, &(0x7f0000001700)='~', 0x20001701)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100))

00:24:13 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x45, 0xda1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7ff00000}]})
syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f0000ee6000/0x4000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000001a80))

00:24:13 executing program 3:
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0xb, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x1c)

00:24:13 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x2)
getsockopt$inet6_opts(r1, 0x29, 0x18, 0x0, &(0x7f00000014c0))

00:24:13 executing program 4:
clone3(&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000002080), 0x400000000000014b}, 0x85)

00:24:13 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f0000000200)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x0)
ptrace$cont(0x1f, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000000)='./file1\x00')
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c", 0x22b)
sendfile(r0, r1, 0x0, 0x1c500)

00:24:13 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800004, 0x12, r0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x2)
getsockopt$inet6_opts(r1, 0x29, 0x18, 0x0, &(0x7f00000014c0))

00:24:13 executing program 4:
clone3(&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000002080), 0x400000000000014b}, 0x85)

00:24:13 executing program 3:
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0xb, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x1c)

[  270.271806][ T1033]  loop1: p2 < > p3 p4
[  270.276053][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
00:24:13 executing program 4:
clone3(&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000002080), 0x400000000000014b}, 0x85)

00:24:13 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f0000000200)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x0)
ptrace$cont(0x1f, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000000)='./file1\x00')
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c", 0x22b)
sendfile(r0, r1, 0x0, 0x1c500)

00:24:13 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x200300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000000))
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f00000002c0)={&(0x7f0000001600)=""/4096, 0x1000})
ptrace$getregs(0xe, r1, 0x0, &(0x7f0000000080)=""/122)

[  270.324966][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  270.331198][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  270.393342][ T1033]  loop5: p2 < > p3 p4
[  270.400115][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  270.409198][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  270.415388][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  270.471170][ T1033]  loop5: p2 < > p3 p4
[  270.475530][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  270.483292][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  270.489521][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  270.538013][ T1033]  loop2: p2 < > p3 p4
[  270.542274][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  270.549314][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  270.555533][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  270.577788][ T1033]  loop5: p2 < > p3 p4
[  270.582102][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  270.590206][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  270.596385][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  270.921750][ T1033]  loop1: p2 < > p3 p4
[  270.925914][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  270.932946][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  270.939138][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:14 executing program 0:
pipe2(&(0x7f0000001580)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$snapshot(r0, &(0x7f0000001700)='~', 0x20001701)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100))

00:24:14 executing program 2:
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000000)=@req3={0x0, 0x100000001}, 0xacf0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x4}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)

00:24:14 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x200300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000000))
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f00000002c0)={&(0x7f0000001600)=""/4096, 0x1000})
ptrace$getregs(0xe, r1, 0x0, &(0x7f0000000080)=""/122)

00:24:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000900), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x18, r1, 0xb15, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x0)

00:24:14 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f0000000200)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x0)
ptrace$cont(0x1f, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000000)='./file1\x00')
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c", 0x22b)
sendfile(r0, r1, 0x0, 0x1c500)

00:24:14 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f0000000200)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x0)
ptrace$cont(0x1f, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000000)='./file1\x00')
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c", 0x22b)
sendfile(r0, r1, 0x0, 0x1c500)

00:24:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000900), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x18, r1, 0xb15, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x0)

00:24:14 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x200300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000000))
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f00000002c0)={&(0x7f0000001600)=""/4096, 0x1000})
ptrace$getregs(0xe, r1, 0x0, &(0x7f0000000080)=""/122)

00:24:14 executing program 2:
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000000)=@req3={0x0, 0x100000001}, 0xacf0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x4}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)

00:24:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000900), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x18, r1, 0xb15, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x0)

00:24:14 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x200300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
r1 = getpid()
rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000000))
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f00000002c0)={&(0x7f0000001600)=""/4096, 0x1000})
ptrace$getregs(0xe, r1, 0x0, &(0x7f0000000080)=""/122)

[  271.173400][ T1033]  loop1: p2 < > p3 p4
[  271.185927][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  271.208814][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  271.215225][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:14 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

[  271.294927][ T1033]  loop5: p2 < > p3 p4
[  271.300312][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  271.307991][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  271.314341][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  271.338417][ T1033]  loop2: p2 < > p3 p4
[  271.342881][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  271.351534][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  271.357809][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  271.379857][ T1033]  loop5: p2 < > p3 p4
[  271.384883][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  271.392124][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  271.398409][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  271.407311][    C1] sd 0:0:1:0: [sg0] tag#2738 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  271.417675][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB: Copy Verify
[  271.423765][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[00]: 3a a6 5a c7 ae 42 de 6a b4 1a 7e d8 e4 d5 35 3e
[  271.424719][ T1033]  loop2: p2 < > p3 p4
[  271.433322][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[10]: f2 b2 5f 06 38 c2 7b 90 c8 f2 e0 c9 43 5a ea cf
[  271.433338][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[20]: 12 85 79 a4 74 ad 63 0f 95 68 13 2a 0f 09 0e 65
[  271.443077][ T1033] loop2: p2 size 2 extends beyond EOD, 
[  271.447046][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[30]: 6a 13 38 f2 5e 8e 5d 04 cd 4c b2 87 29 2a 63 13
[  271.456580][ T1033] truncated
[  271.459054][ T1033] loop2: p3 start 225 is beyond EOD, 
[  271.462147][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[40]: eb 5a 7e 37 c0 9a 28 7d 0c ed 53 6c 65 d3 e5 11
[  271.471696][ T1033] truncated
[  271.471701][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  271.499911][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[50]: 7a 72 4e 42 1e fa 63 cd 26 bb 94 d2 4d 75 49 57
[  271.509501][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[60]: fd 15 cd 3d a5 a1 d9 ba 07 6a 4f a2 1a d8 a4 27
[  271.519068][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[70]: 8b 87 0e 23 ad 8d eb 10 4f 3e b5 66 5a a6 71 4b
[  271.528657][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[80]: bb 9a 99 e6 c0 4b 8e 20 08 32 ce a0 76 38 9d 36
[  271.538226][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[90]: 95 83 78 38 d6 2b bd ee 40 94 a5 95 dc 9c 05 1e
[  271.547825][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[a0]: 49 98 c0 12 cb cf 20 5b b7 0f 22 d1 42 83 86 9a
[  271.557401][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[b0]: f6 be a0 7f 08 45 65 d1 77 c3 a7 5d 6a 55 13 35
[  271.566972][    C1] sd 0:0:1:0: [sg0] tag#2738 CDB[c0]: b2 20 c3 35 b6
[  271.932900][T21092] syz-executor.3 (21092) used greatest stack depth: 10456 bytes left
00:24:15 executing program 0:
pipe2(&(0x7f0000001580)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$snapshot(r0, &(0x7f0000001700)='~', 0x20001701)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100))

00:24:15 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f0000000200)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x0)
ptrace$cont(0x1f, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000000)='./file1\x00')
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c", 0x22b)
sendfile(r0, r1, 0x0, 0x1c500)

00:24:15 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000900), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x18, r1, 0xb15, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x0)

00:24:15 executing program 2:
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000000)=@req3={0x0, 0x100000001}, 0xacf0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x4}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)

00:24:15 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x8d}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f0000000200)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[])
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x0)
ptrace$cont(0x1f, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000000)='./file1\x00')
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c", 0x22b)
sendfile(r0, r1, 0x0, 0x1c500)

00:24:15 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_timeval(r0, 0x1, 0x37, 0xfffffffffffffffc, &(0x7f00000000c0))

00:24:15 executing program 2:
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000000)=@req3={0x0, 0x100000001}, 0xacf0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x4}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)

[  272.026739][ T1033]  loop1: p2 < > p3 p4
[  272.039709][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  272.057395][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  272.063698][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:15 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mlockall(0x7)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0)

00:24:15 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_timeval(r0, 0x1, 0x37, 0xfffffffffffffffc, &(0x7f00000000c0))

00:24:15 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

[  272.177953][ T1033]  loop2: p2 < > p3 p4
[  272.193733][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  272.216674][ T1033] loop2: p3 start 225 is beyond EOD, truncated
00:24:15 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_timeval(r0, 0x1, 0x37, 0xfffffffffffffffc, &(0x7f00000000c0))

[  272.222886][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:15 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_timeval(r0, 0x1, 0x37, 0xfffffffffffffffc, &(0x7f00000000c0))

[  272.256635][ T1033]  loop1: p2 < > p3 p4
[  272.270113][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  272.280866][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  272.287054][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  272.317959][    C1] sd 0:0:1:0: [sg0] tag#2719 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  272.328340][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB: Copy Verify
[  272.334411][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[00]: 3a a6 5a c7 ae 42 de 6a b4 1a 7e d8 e4 d5 35 3e
[  272.338530][ T1033]  loop2: p2 < > p3 p4
[  272.343969][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[10]: f2 b2 5f 06 38 c2 7b 90 c8 f2 e0 c9 43 5a ea cf
[  272.357621][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[20]: 12 85 79 a4 74 ad 63 0f 95 68 13 2a 0f 09 0e 65
[  272.367224][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[30]: 6a 13 38 f2 5e 8e 5d 04 cd 4c b2 87 29 2a 63 13
[  272.376772][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[40]: eb 5a 7e 37 c0 9a 28 7d 0c ed 53 6c 65 d3 e5 11
[  272.378099][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  272.386342][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[50]: 7a 72 4e 42 1e fa 63 cd 26 bb 94 d2 4d 75 49 57
[  272.402223][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[60]: fd 15 cd 3d a5 a1 d9 ba 07 6a 4f a2 1a d8 a4 27
[  272.405253][ T1033] loop2: p3 start 225 is beyond EOD, 
[  272.411786][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[70]: 8b 87 0e 23 ad 8d eb 10 4f 3e b5 66 5a a6 71 4b
[  272.411803][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[80]: bb 9a 99 e6 c0 4b 8e 20 08 32 ce a0 76 38 9d 36
[  272.411818][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[90]: 95 83 78 38 d6 2b bd ee 40 94 a5 95 dc 9c 05 1e
[  272.411843][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[a0]: 49 98 c0 12 cb cf 20 5b b7 0f 22 d1 42 83 86 9a
[  272.411858][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[b0]: f6 be a0 7f 08 45 65 d1 77 c3 a7 5d 6a 55 13 35
[  272.411874][    C1] sd 0:0:1:0: [sg0] tag#2719 CDB[c0]: b2 20 c3 35 b6
[  272.417264][ T1033] truncated
[  272.475162][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  272.501148][ T1033]  loop5: p2 < > p3 p4
[  272.505301][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  272.516205][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  272.522413][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  272.544871][ T1033]  loop2: p2 < > p3 p4
[  272.549091][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  272.556117][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  272.562322][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:16 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

00:24:16 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

00:24:16 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mlockall(0x7)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0)

00:24:16 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
dup2(r1, r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r2, 0x0, 0xf0ff7f, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xfd63)

00:24:16 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_read_part_table(0x402, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000100)="8199ee7e19ff010000008107008d2300000000a440f03562e3493c00005536b560000001040000000000604d6c7d00000000545c4d8810a49792055f000855aa", 0x40, 0x1c0}])

[  272.815133][ T1033]  loop1: p2 < > p3 p4
[  272.820435][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  272.827914][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  272.834084][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000080)=0x7ff, 0x4)
writev(r0, &(0x7f0000000040)=[{&(0x7f00000003c0)="290000005200190f00003fffffffc20602000f0000e80001ec040000040d000a00ea11000000050000", 0x29}], 0x1)
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f00000000c0)=0x8001, 0x4)
recvmmsg(r0, &(0x7f0000003040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

00:24:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000080)=0x7ff, 0x4)
writev(r0, &(0x7f0000000040)=[{&(0x7f00000003c0)="290000005200190f00003fffffffc20602000f0000e80001ec040000040d000a00ea11000000050000", 0x29}], 0x1)
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f00000000c0)=0x8001, 0x4)
recvmmsg(r0, &(0x7f0000003040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

[  273.011618][    C0] sd 0:0:1:0: [sg0] tag#2698 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  273.021994][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB: Copy Verify
[  273.028082][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[00]: 3a a6 5a c7 ae 42 de 6a b4 1a 7e d8 e4 d5 35 3e
[  273.037638][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[10]: f2 b2 5f 06 38 c2 7b 90 c8 f2 e0 c9 43 5a ea cf
[  273.047217][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[20]: 12 85 79 a4 74 ad 63 0f 95 68 13 2a 0f 09 0e 65
00:24:16 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

00:24:16 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mlockall(0x7)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0)

00:24:16 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
dup2(r1, r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r2, 0x0, 0xf0ff7f, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xfd63)

[  273.056783][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[30]: 6a 13 38 f2 5e 8e 5d 04 cd 4c b2 87 29 2a 63 13
[  273.066383][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[40]: eb 5a 7e 37 c0 9a 28 7d 0c ed 53 6c 65 d3 e5 11
[  273.076047][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[50]: 7a 72 4e 42 1e fa 63 cd 26 bb 94 d2 4d 75 49 57
[  273.085620][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[60]: fd 15 cd 3d a5 a1 d9 ba 07 6a 4f a2 1a d8 a4 27
[  273.095187][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[70]: 8b 87 0e 23 ad 8d eb 10 4f 3e b5 66 5a a6 71 4b
[  273.104780][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[80]: bb 9a 99 e6 c0 4b 8e 20 08 32 ce a0 76 38 9d 36
[  273.114364][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[90]: 95 83 78 38 d6 2b bd ee 40 94 a5 95 dc 9c 05 1e
[  273.124016][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[a0]: 49 98 c0 12 cb cf 20 5b b7 0f 22 d1 42 83 86 9a
[  273.133576][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[b0]: f6 be a0 7f 08 45 65 d1 77 c3 a7 5d 6a 55 13 35
[  273.143161][    C0] sd 0:0:1:0: [sg0] tag#2698 CDB[c0]: b2 20 c3 35 b6
00:24:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000080)=0x7ff, 0x4)
writev(r0, &(0x7f0000000040)=[{&(0x7f00000003c0)="290000005200190f00003fffffffc20602000f0000e80001ec040000040d000a00ea11000000050000", 0x29}], 0x1)
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f00000000c0)=0x8001, 0x4)
recvmmsg(r0, &(0x7f0000003040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

[  273.176875][ T1033]  loop5: p2 < > p3 p4
[  273.181723][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  273.194430][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  273.200615][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000080)=0x7ff, 0x4)
writev(r0, &(0x7f0000000040)=[{&(0x7f00000003c0)="290000005200190f00003fffffffc20602000f0000e80001ec040000040d000a00ea11000000050000", 0x29}], 0x1)
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f00000000c0)=0x8001, 0x4)
recvmmsg(r0, &(0x7f0000003040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

[  273.232097][ T1033]  loop2: p2 < > p3 p4
[  273.241982][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  273.249349][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  273.255593][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  273.274451][    C1] sd 0:0:1:0: [sg0] tag#2699 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  273.284999][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB: Copy Verify
[  273.291196][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[00]: 3a a6 5a c7 ae 42 de 6a b4 1a 7e d8 e4 d5 35 3e
[  273.300773][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[10]: f2 b2 5f 06 38 c2 7b 90 c8 f2 e0 c9 43 5a ea cf
[  273.310348][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[20]: 12 85 79 a4 74 ad 63 0f 95 68 13 2a 0f 09 0e 65
[  273.319911][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[30]: 6a 13 38 f2 5e 8e 5d 04 cd 4c b2 87 29 2a 63 13
[  273.321207][ T1033]  loop2: p2 < > p3 p4
[  273.329492][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[40]: eb 5a 7e 37 c0 9a 28 7d 0c ed 53 6c 65 d3 e5 11
[  273.334564][ T1033] loop2: p2 size 2 extends beyond EOD, 
[  273.343069][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[50]: 7a 72 4e 42 1e fa 63 cd 26 bb 94 d2 4d 75 49 57
[  273.343073][ T1033] truncated
[  273.343087][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[60]: fd 15 cd 3d a5 a1 d9 ba 07 6a 4f a2 1a d8 a4 27
[  273.358340][ T1033] loop2: p3 start 225 is beyond EOD, 
[  273.361267][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[70]: 8b 87 0e 23 ad 8d eb 10 4f 3e b5 66 5a a6 71 4b
[  273.361290][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[80]: bb 9a 99 e6 c0 4b 8e 20 08 32 ce a0 76 38 9d 36
[  273.361302][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[90]: 95 83 78 38 d6 2b bd ee 40 94 a5 95 dc 9c 05 1e
[  273.361315][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[a0]: 49 98 c0 12 cb cf 20 5b b7 0f 22 d1 42 83 86 9a
[  273.361327][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[b0]: f6 be a0 7f 08 45 65 d1 77 c3 a7 5d 6a 55 13 35
[  273.361340][    C1] sd 0:0:1:0: [sg0] tag#2699 CDB[c0]: b2 20 c3 35 b6
[  273.430876][ T1033] truncated
[  273.433968][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:17 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

00:24:17 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

00:24:17 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mlockall(0x7)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0)

00:24:17 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
dup2(r1, r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r2, 0x0, 0xf0ff7f, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xfd63)

00:24:17 executing program 3:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
dup2(r1, r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r2, 0x0, 0xf0ff7f, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xfd63)

[  273.769508][ T1033]  loop1: p2 < > p3 p4
[  273.773676][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  273.795623][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  273.801838][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:17 executing program 3:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
dup2(r1, r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r2, 0x0, 0xf0ff7f, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xfd63)

00:24:17 executing program 0:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
dup2(r1, r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r2, 0x0, 0xf0ff7f, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xfd63)

[  273.897615][    C0] sd 0:0:1:0: [sg0] tag#2700 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  273.908108][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB: Copy Verify
[  273.914193][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[00]: 3a a6 5a c7 ae 42 de 6a b4 1a 7e d8 e4 d5 35 3e
[  273.923884][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[10]: f2 b2 5f 06 38 c2 7b 90 c8 f2 e0 c9 43 5a ea cf
[  273.933462][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[20]: 12 85 79 a4 74 ad 63 0f 95 68 13 2a 0f 09 0e 65
[  273.943023][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[30]: 6a 13 38 f2 5e 8e 5d 04 cd 4c b2 87 29 2a 63 13
[  273.952748][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[40]: eb 5a 7e 37 c0 9a 28 7d 0c ed 53 6c 65 d3 e5 11
[  273.953278][    C1] sd 0:0:1:0: [sg0] tag#2701 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  273.962319][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[50]: 7a 72 4e 42 1e fa 63 cd 26 bb 94 d2 4d 75 49 57
[  273.972646][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB: Copy Verify
[  273.972660][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[00]: 3a a6 5a c7 ae 42 de 6a b4 1a 7e d8 e4 d5 35 3e
[  273.982193][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[60]: fd 15 cd 3d a5 a1 d9 ba 07 6a 4f a2 1a d8 a4 27
[  273.988273][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[10]: f2 b2 5f 06 38 c2 7b 90 c8 f2 e0 c9 43 5a ea cf
[  273.997789][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[70]: 8b 87 0e 23 ad 8d eb 10 4f 3e b5 66 5a a6 71 4b
[  274.007346][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[20]: 12 85 79 a4 74 ad 63 0f 95 68 13 2a 0f 09 0e 65
[  274.016835][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[80]: bb 9a 99 e6 c0 4b 8e 20 08 32 ce a0 76 38 9d 36
[  274.026367][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[30]: 6a 13 38 f2 5e 8e 5d 04 cd 4c b2 87 29 2a 63 13
[  274.035888][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[90]: 95 83 78 38 d6 2b bd ee 40 94 a5 95 dc 9c 05 1e
[  274.045430][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[40]: eb 5a 7e 37 c0 9a 28 7d 0c ed 53 6c 65 d3 e5 11
[  274.054951][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[a0]: 49 98 c0 12 cb cf 20 5b b7 0f 22 d1 42 83 86 9a
[  274.064458][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[50]: 7a 72 4e 42 1e fa 63 cd 26 bb 94 d2 4d 75 49 57
[  274.073975][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[b0]: f6 be a0 7f 08 45 65 d1 77 c3 a7 5d 6a 55 13 35
[  274.083502][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[60]: fd 15 cd 3d a5 a1 d9 ba 07 6a 4f a2 1a d8 a4 27
[  274.093064][    C0] sd 0:0:1:0: [sg0] tag#2700 CDB[c0]: b2 20 c3 35 b6
[  274.102572][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[70]: 8b 87 0e 23 ad 8d eb 10 4f 3e b5 66 5a a6 71 4b
[  274.128489][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[80]: bb 9a 99 e6 c0 4b 8e 20 08 32 ce a0 76 38 9d 36
[  274.138059][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[90]: 95 83 78 38 d6 2b bd ee 40 94 a5 95 dc 9c 05 1e
00:24:17 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

00:24:17 executing program 3:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
dup2(r1, r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r2, 0x0, 0xf0ff7f, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xfd63)

00:24:17 executing program 2:
r0 = fork()
setpgid(r0, 0x0)

[  274.147626][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[a0]: 49 98 c0 12 cb cf 20 5b b7 0f 22 d1 42 83 86 9a
[  274.157283][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[b0]: f6 be a0 7f 08 45 65 d1 77 c3 a7 5d 6a 55 13 35
[  274.166827][    C1] sd 0:0:1:0: [sg0] tag#2701 CDB[c0]: b2 20 c3 35 b6
[  274.176103][ T1033]  loop2: p2 < > p3 p4
[  274.180358][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
00:24:17 executing program 0:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f00000061c0)=""/75)

00:24:17 executing program 2:
r0 = fork()
setpgid(r0, 0x0)

[  274.207589][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  274.213815][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  274.274900][ T1033]  loop5: p2 < > p3 p4
[  274.279457][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  274.287430][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  274.293616][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  274.322096][ T1033]  loop2: p2 < > p3 p4
[  274.326320][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  274.333002][    C1] sd 0:0:1:0: [sg0] tag#2702 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  274.343354][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB: Copy Verify
[  274.349450][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[00]: 3a a6 5a c7 ae 42 de 6a b4 1a 7e d8 e4 d5 35 3e
[  274.359165][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[10]: f2 b2 5f 06 38 c2 7b 90 c8 f2 e0 c9 43 5a ea cf
[  274.368776][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[20]: 12 85 79 a4 74 ad 63 0f 95 68 13 2a 0f 09 0e 65
[  274.378327][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[30]: 6a 13 38 f2 5e 8e 5d 04 cd 4c b2 87 29 2a 63 13
[  274.387956][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[40]: eb 5a 7e 37 c0 9a 28 7d 0c ed 53 6c 65 d3 e5 11
[  274.397575][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[50]: 7a 72 4e 42 1e fa 63 cd 26 bb 94 d2 4d 75 49 57
[  274.407291][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[60]: fd 15 cd 3d a5 a1 d9 ba 07 6a 4f a2 1a d8 a4 27
[  274.416839][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[70]: 8b 87 0e 23 ad 8d eb 10 4f 3e b5 66 5a a6 71 4b
[  274.417141][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  274.426598][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[80]: bb 9a 99 e6 c0 4b 8e 20 08 32 ce a0 76 38 9d 36
[  274.432792][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  274.442303][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[90]: 95 83 78 38 d6 2b bd ee 40 94 a5 95 dc 9c 05 1e
[  274.459082][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[a0]: 49 98 c0 12 cb cf 20 5b b7 0f 22 d1 42 83 86 9a
[  274.468682][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[b0]: f6 be a0 7f 08 45 65 d1 77 c3 a7 5d 6a 55 13 35
[  274.474637][ T1033]  loop2: p2 < > p3 p4
[  274.478249][    C1] sd 0:0:1:0: [sg0] tag#2702 CDB[c0]: b2 20 c3 35 b6
[  274.484485][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  274.497245][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  274.503600][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:18 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

00:24:18 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xc, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000500)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
read(r1, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000001c0)={0x53, 0xffffffffffffffff, 0xc5, 0x43, @buffer={0x0, 0xf3, &(0x7f00000002c0)=""/243}, &(0x7f00000003c0)="3aa65ac7ae42de6ab41a7ed8e4d5353ef2b25f0638c27b90c8f2e0c9435aeacf128579a474ad630f9568132a0f090e656a1338f25e8e5d04cd4cb287292a6313eb5a7e37c09a287d0ced536c65d3e5117a724e421efa63cd26bb94d24d754957fd15cd3da5a1d9ba076a4fa21ad8a4278b870e23ad8deb104f3eb5665aa6714bbb9a99e6c04b8e200832cea076389d3695837838d62bbdee4094a595dc9c051e4998c012cbcf205bb70f22d14283869af6bea07f084565d177c3a75d6a551335b220c335b6", &(0x7f00000000c0)=""/31, 0x8, 0x21, 0x1, &(0x7f0000000100)})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)

00:24:18 executing program 0:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f00000061c0)=""/75)

00:24:18 executing program 2:
r0 = fork()
setpgid(r0, 0x0)

00:24:18 executing program 3:
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f00000000c0)={0x0, "b360c56a76a3a5f72301515d39b06e5e9f11b08e97ef395e5c9ad051fb978f7ea3d2a095a22fdb6ed5649d41accd5c9be01f941fe1f2fc85a151af6c894d0da3"}, 0x48, 0xfffffffffffffffe)
keyctl$get_security(0x11, r0, &(0x7f0000001300)=""/91, 0x5b)

00:24:18 executing program 3:
futex(0x0, 0x9, 0x0, &(0x7f0000000040)={0x0, 0x3938700}, 0x0, 0x0)

00:24:18 executing program 2:
r0 = fork()
setpgid(r0, 0x0)

[  274.650127][ T1033]  loop1: p2 < > p3 p4
[  274.654359][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  274.677153][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  274.683378][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  274.761556][ T1033]  loop2: p2 < > p3 p4
[  274.765859][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  274.773008][    C1] sd 0:0:1:0: [sg0] tag#2703 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  274.776334][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  274.783498][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB: Copy Verify
[  274.783511][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[00]: 3a a6 5a c7 ae 42 de 6a b4 1a 7e d8 e4 d5 35 3e
[  274.783524][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[10]: f2 b2 5f 06 38 c2 7b 90 c8 f2 e0 c9 43 5a ea cf
[  274.783536][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[20]: 12 85 79 a4 74 ad 63 0f 95 68 13 2a 0f 09 0e 65
[  274.783550][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[30]: 6a 13 38 f2 5e 8e 5d 04 cd 4c b2 87 29 2a 63 13
[  274.789683][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  274.795743][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[40]: eb 5a 7e 37 c0 9a 28 7d 0c ed 53 6c 65 d3 e5 11
[  274.842483][ T1033]  loop2: p2 < > p3 p4
[  274.850819][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[50]: 7a 72 4e 42 1e fa 63 cd 26 bb 94 d2 4d 75 49 57
[  274.856271][    C0] sd 0:0:1:0: [sg0] tag#2704 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s
[  274.864412][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[60]: fd 15 cd 3d a5 a1 d9 ba 07 6a 4f a2 1a d8 a4 27
[  274.874708][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB: Copy Verify
[  274.884242][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[70]: 8b 87 0e 23 ad 8d eb 10 4f 3e b5 66 5a a6 71 4b
[  274.890291][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[00]: 3a a6 5a c7 ae 42 de 6a b4 1a 7e d8 e4 d5 35 3e
[  274.899822][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[80]: bb 9a 99 e6 c0 4b 8e 20 08 32 ce a0 76 38 9d 36
[  274.909472][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[10]: f2 b2 5f 06 38 c2 7b 90 c8 f2 e0 c9 43 5a ea cf
[  274.918999][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[90]: 95 83 78 38 d6 2b bd ee 40 94 a5 95 dc 9c 05 1e
[  274.928533][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[20]: 12 85 79 a4 74 ad 63 0f 95 68 13 2a 0f 09 0e 65
[  274.938069][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[a0]: 49 98 c0 12 cb cf 20 5b b7 0f 22 d1 42 83 86 9a
[  274.947611][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[30]: 6a 13 38 f2 5e 8e 5d 04 cd 4c b2 87 29 2a 63 13
[  274.957142][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[b0]: f6 be a0 7f 08 45 65 d1 77 c3 a7 5d 6a 55 13 35
[  274.966659][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[40]: eb 5a 7e 37 c0 9a 28 7d 0c ed 53 6c 65 d3 e5 11
[  274.966675][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[50]: 7a 72 4e 42 1e fa 63 cd 26 bb 94 d2 4d 75 49 57
[  274.976301][    C1] sd 0:0:1:0: [sg0] tag#2703 CDB[c0]: b2 20 c3 35 b6
[  274.985855][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[60]: fd 15 cd 3d a5 a1 d9 ba 07 6a 4f a2 1a d8 a4 27
00:24:18 executing program 2:
setresuid(0x0, 0xee00, 0x0)
r0 = geteuid()
setresuid(0x0, r0, 0xee01)

00:24:18 executing program 0:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f00000061c0)=""/75)

00:24:18 executing program 3:
futex(0x0, 0x9, 0x0, &(0x7f0000000040)={0x0, 0x3938700}, 0x0, 0x0)

[  275.011872][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[70]: 8b 87 0e 23 ad 8d eb 10 4f 3e b5 66 5a a6 71 4b
[  275.021548][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[80]: bb 9a 99 e6 c0 4b 8e 20 08 32 ce a0 76 38 9d 36
[  275.031120][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[90]: 95 83 78 38 d6 2b bd ee 40 94 a5 95 dc 9c 05 1e
[  275.037094][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  275.040687][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[a0]: 49 98 c0 12 cb cf 20 5b b7 0f 22 d1 42 83 86 9a
00:24:18 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
close_range(r0, 0xffffffffffffffff, 0x2)
fchdir(r1)

00:24:18 executing program 3:
futex(0x0, 0x9, 0x0, &(0x7f0000000040)={0x0, 0x3938700}, 0x0, 0x0)

[  275.056543][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[b0]: f6 be a0 7f 08 45 65 d1 77 c3 a7 5d 6a 55 13 35
[  275.066099][    C0] sd 0:0:1:0: [sg0] tag#2704 CDB[c0]: b2 20 c3 35 b6
[  275.079235][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  275.085438][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  275.146402][ T1033]  loop5: p2 < > p3 p4
[  275.150871][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  275.158786][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  275.164975][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  275.190743][ T1033]  loop5: p2 < > p3 p4
[  275.195073][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  275.202063][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  275.208448][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:19 executing program 3:
futex(0x0, 0x9, 0x0, &(0x7f0000000040)={0x0, 0x3938700}, 0x0, 0x0)

00:24:19 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
close_range(r0, 0xffffffffffffffff, 0x2)
fchdir(r1)

00:24:19 executing program 0:
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f00000061c0)=""/75)

00:24:19 executing program 2:
setresuid(0x0, 0xee00, 0x0)
r0 = geteuid()
setresuid(0x0, r0, 0xee01)

00:24:19 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
close_range(r0, 0xffffffffffffffff, 0x2)
fchdir(r1)

00:24:19 executing program 2:
setresuid(0x0, 0xee00, 0x0)
r0 = geteuid()
setresuid(0x0, r0, 0xee01)

00:24:19 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
close_range(r0, 0xffffffffffffffff, 0x2)
fchdir(r1)

00:24:19 executing program 2:
setresuid(0x0, 0xee00, 0x0)
r0 = geteuid()
setresuid(0x0, r0, 0xee01)

[  275.605730][ T1033]  loop1: p2 < > p3 p4
[  275.617126][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  275.634969][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  275.641197][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  275.710723][ T1033]  loop5: p2 < > p3 p4
[  275.715009][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  275.721953][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  275.728180][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  275.744266][ T1033]  loop2: p2 < > p3 p4
[  275.748415][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  275.755083][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  275.761270][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  275.781384][ T1033]  loop2: p2 < > p3 p4
[  275.785500][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  275.792328][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  275.798546][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  275.813493][ T1033]  loop5: p2 < > p3 p4
[  275.817622][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  275.824447][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  275.830697][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  275.847533][ T1033]  loop2: p2 < > p3 p4
[  275.851662][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  275.858389][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  275.864541][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  275.881236][ T1033]  loop5: p2 < > p3 p4
[  275.885402][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  275.892055][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  275.898278][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:20 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfc}, 0xc)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfc, 0x2aad21062897712f}, 0xc)

00:24:20 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x10000, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x4)
write$P9_RGETLOCK(r3, &(0x7f00000002c0)={0x26, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8, '+#):*\xa7+\\'}}, 0x26)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0x10034)

00:24:20 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x80010100)

00:24:20 executing program 0:
clone(0x2000000002008300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = memfd_create(&(0x7f0000000280)='\xa1\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x9fC\x9cD\x9c\xdd\xfe\xc9k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11B\x84\xb6\x1e\x835F\xef\x19\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\xb8\xfe4\xda\x80e\x94az\x04\xf1k\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8', 0x0)
write$binfmt_elf32(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b7b8000000000035f4c38422a3bc8220"], 0xd8)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

00:24:20 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

00:24:20 executing program 2:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:20 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfc}, 0xc)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfc, 0x2aad21062897712f}, 0xc)

00:24:20 executing program 0:
clone(0x2000000002008300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = memfd_create(&(0x7f0000000280)='\xa1\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x9fC\x9cD\x9c\xdd\xfe\xc9k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11B\x84\xb6\x1e\x835F\xef\x19\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\xb8\xfe4\xda\x80e\x94az\x04\xf1k\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8', 0x0)
write$binfmt_elf32(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b7b8000000000035f4c38422a3bc8220"], 0xd8)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

00:24:20 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x80010100)

[  276.950754][ T1033]  loop5: p2 < > p3 p4
[  276.963376][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:24:20 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x80010100)

00:24:20 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x10000, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x4)
write$P9_RGETLOCK(r3, &(0x7f00000002c0)={0x26, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8, '+#):*\xa7+\\'}}, 0x26)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0x10034)

[  277.077350][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  277.083602][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:20 executing program 0:
clone(0x2000000002008300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = memfd_create(&(0x7f0000000280)='\xa1\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x9fC\x9cD\x9c\xdd\xfe\xc9k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11B\x84\xb6\x1e\x835F\xef\x19\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\xb8\xfe4\xda\x80e\x94az\x04\xf1k\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8', 0x0)
write$binfmt_elf32(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b7b8000000000035f4c38422a3bc8220"], 0xd8)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

00:24:20 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfc}, 0xc)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfc, 0x2aad21062897712f}, 0xc)

00:24:20 executing program 0:
clone(0x2000000002008300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = memfd_create(&(0x7f0000000280)='\xa1\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x9fC\x9cD\x9c\xdd\xfe\xc9k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11B\x84\xb6\x1e\x835F\xef\x19\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\xb8\xfe4\xda\x80e\x94az\x04\xf1k\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8', 0x0)
write$binfmt_elf32(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b7b8000000000035f4c38422a3bc8220"], 0xd8)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

00:24:20 executing program 5:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x80010100)

[  277.216470][ T1033]  loop1: p2 < > p3 p4
[  277.236325][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  277.244150][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  277.250348][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  277.310174][ T1033]  loop5: p2 < > p3 p4
[  277.314528][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  277.322443][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  277.328658][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  277.354708][ T1033]  loop5: p2 < > p3 p4
[  277.359486][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  277.366250][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  277.373060][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  277.392999][ T1033]  loop2: p2 < > p3 p4
[  277.397242][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  277.403827][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  277.410114][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  277.425176][ T1033]  loop5: p2 < > p3 p4
[  277.429353][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  277.436001][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  277.442163][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  277.462624][ T1033]  loop1: p2 < > p3 p4
[  277.466864][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  277.473776][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  277.479973][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:21 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x10000, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x4)
write$P9_RGETLOCK(r3, &(0x7f00000002c0)={0x26, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8, '+#):*\xa7+\\'}}, 0x26)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0x10034)

00:24:21 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfc}, 0xc)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfc, 0x2aad21062897712f}, 0xc)

00:24:21 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x10000, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x4)
write$P9_RGETLOCK(r3, &(0x7f00000002c0)={0x26, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8, '+#):*\xa7+\\'}}, 0x26)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0x10034)

00:24:21 executing program 2:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:21 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
dup2(r0, r1)

00:24:21 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

00:24:21 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
dup2(r0, r1)

00:24:21 executing program 4:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

[  277.999558][ T1033]  loop5: p2 < > p3 p4
[  278.003852][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:24:21 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
dup2(r0, r1)

[  278.106276][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  278.112528][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:21 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x10000, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x4)
write$P9_RGETLOCK(r3, &(0x7f00000002c0)={0x26, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8, '+#):*\xa7+\\'}}, 0x26)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0x10034)

00:24:21 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x10000, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x4)
write$P9_RGETLOCK(r3, &(0x7f00000002c0)={0x26, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8, '+#):*\xa7+\\'}}, 0x26)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0x10034)

00:24:21 executing program 2:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:21 executing program 4:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:21 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
dup2(r0, r1)

[  278.295328][ T1033]  loop1: p2 < > p3 p4
[  278.300053][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  278.309078][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  278.315243][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  278.379352][ T1033]  loop5: p2 < > p3 p4
[  278.394226][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  278.415089][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  278.421316][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  278.458800][ T1033]  loop2: p2 < > p3 p4
[  278.473580][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  278.483897][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  278.490296][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  278.513507][ T1033]  loop1: p2 < > p3 p4
[  278.517711][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  278.524637][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  278.530973][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  278.545748][ T1033]  loop2: p2 < > p3 p4
[  278.549909][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  278.556474][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  278.562670][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:22 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

00:24:22 executing program 5:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:22 executing program 2:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:22 executing program 1:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:22 executing program 4:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:22 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x101}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x7}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x10000, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x4)
write$P9_RGETLOCK(r3, &(0x7f00000002c0)={0x26, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8, '+#):*\xa7+\\'}}, 0x26)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0x10034)

00:24:22 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0)

00:24:22 executing program 0:
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0xa, 0x0, 0x0, 0x0, 0x1)

00:24:22 executing program 1:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:22 executing program 5:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:22 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db000800000000000023c26f45958dc387cf4c02000000fc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d644157684e3dae491de7642a7c52cc2d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa63da445b8bef5bd9d2d4ed96a074eb04a348a666bf58b23ac4edcce44052b9d6c20a45c772242f63a6bf41a08f4951d60a70381691f296d588ee00000000000000bab84fefba01345f0ba0bb0000000000000000", 0xd2}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:24:22 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0)

[  279.200748][ T1033]  loop2: p2 < > p3 p4
[  279.204993][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  279.224360][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  279.230603][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  279.299419][ T1033]  loop1: p2 < > p3 p4
[  279.306811][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  279.327885][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  279.334069][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  279.353024][ T1033]  loop5: p2 < > p3 p4
[  279.357362][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  279.364280][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  279.370468][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  279.388811][ T1033]  loop2: p2 < > p3 p4
[  279.396579][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  279.403420][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  279.409818][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  279.428798][ T1033]  loop2: p2 < > p3 p4
[  279.432946][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  279.439732][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  279.446033][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  279.464430][ T1033]  loop5: p2 < > p3 p4
[  279.468695][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  279.475616][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  279.481851][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  279.498948][ T1033]  loop1: p2 < > p3 p4
[  279.503124][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  279.509783][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  279.515935][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:23 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

00:24:23 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db000800000000000023c26f45958dc387cf4c02000000fc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d644157684e3dae491de7642a7c52cc2d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa63da445b8bef5bd9d2d4ed96a074eb04a348a666bf58b23ac4edcce44052b9d6c20a45c772242f63a6bf41a08f4951d60a70381691f296d588ee00000000000000bab84fefba01345f0ba0bb0000000000000000", 0xd2}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:24:23 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0)

00:24:23 executing program 5:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:23 executing program 1:
syz_open_procfs(0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x6, 0x0)
write(r1, &(0x7f0000c34fff), 0xffffff0b)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
write(r1, &(0x7f0000000100)='r', 0x1)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x3)
tkill(r0, 0x1000000000016)

00:24:23 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0)

00:24:23 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db000800000000000023c26f45958dc387cf4c02000000fc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d644157684e3dae491de7642a7c52cc2d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa63da445b8bef5bd9d2d4ed96a074eb04a348a666bf58b23ac4edcce44052b9d6c20a45c772242f63a6bf41a08f4951d60a70381691f296d588ee00000000000000bab84fefba01345f0ba0bb0000000000000000", 0xd2}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

[  279.779201][ T1033]  loop2: p2 < > p3 p4
[  279.797540][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  279.822718][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  279.828931][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:23 executing program 0:
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0xa, 0x0, 0x0, 0x0, 0x1)

00:24:23 executing program 2:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r0, 0x0)
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ftruncate(r1, 0x2008001)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

00:24:23 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000003c0)={0x0, <r1=>0x0}, &(0x7f0000000440)=0xc)
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x24b6422, &(0x7f0000000180)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=r1])

00:24:23 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db000800000000000023c26f45958dc387cf4c02000000fc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d644157684e3dae491de7642a7c52cc2d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa63da445b8bef5bd9d2d4ed96a074eb04a348a666bf58b23ac4edcce44052b9d6c20a45c772242f63a6bf41a08f4951d60a70381691f296d588ee00000000000000bab84fefba01345f0ba0bb0000000000000000", 0xd2}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:24:23 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x202283, 0x0)
signalfd(r0, &(0x7f0000000180), 0x8)

[  280.117384][ T1033]  loop2: p2 < > p3 p4
[  280.121637][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  280.128796][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  280.134973][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  280.158272][ T1033]  loop5: p2 < > p3 p4
[  280.168885][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  280.182180][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  280.188378][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  280.197621][T21890] hugetlbfs: Bad value '0x00000000ffffffff' for mount option 'uid'
[  280.197621][T21890] 
[  280.212554][ T1033]  loop1: p2 < > p3 p4
[  280.222333][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  280.225477][T21900] hugetlbfs: Bad value '0x00000000ffffffff' for mount option 'uid'
[  280.225477][T21900] 
[  280.235714][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  280.244921][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  280.269645][ T1033]  loop1: p2 < > p3 p4
[  280.274096][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  280.281144][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  280.287325][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  280.307054][ T1033]  loop5: p2 < > p3 p4
[  280.311258][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  280.318265][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  280.324449][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  280.437993][ T1033]  loop2: p2 < > p3 p4
[  280.442150][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  280.448836][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  280.454984][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:24 executing program 2:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r0, 0x0)
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ftruncate(r1, 0x2008001)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

00:24:24 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x202283, 0x0)
signalfd(r0, &(0x7f0000000180), 0x8)

00:24:24 executing program 4:
clone3(&(0x7f00000005c0)={0x100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000580)=[0x0], 0x1}, 0x58)

00:24:24 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000003c0)={0x0, <r1=>0x0}, &(0x7f0000000440)=0xc)
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x24b6422, &(0x7f0000000180)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=r1])

00:24:24 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100000001}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x5}, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
write$cgroup_type(r1, &(0x7f0000000080), 0xfffffe58)
removexattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@known='system.posix_acl_access\x00')
lsetxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)

00:24:24 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x202283, 0x0)
signalfd(r0, &(0x7f0000000180), 0x8)

00:24:24 executing program 4:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/stat\x00')
getdents64(r0, 0x0, 0x0)

[  280.677291][T21937] hugetlbfs: Bad value '0x00000000ffffffff' for mount option 'uid'
[  280.677291][T21937] 
[  280.703149][ T1033]  loop1: p2 < > p3 p4
[  280.714414][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  280.737109][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  280.743276][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  280.809008][ T1033]  loop5: p2 < > p3 p4
[  280.813189][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  280.825031][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  280.831256][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  280.875264][ T1033]  loop1: p2 < > p3 p4
[  280.883821][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  280.894706][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  280.900900][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  280.922552][ T1033]  loop2: p2 < > p3 p4
[  280.926704][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  280.933598][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  280.939784][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:24 executing program 0:
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0xa, 0x0, 0x0, 0x0, 0x1)

00:24:24 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000003c0)={0x0, <r1=>0x0}, &(0x7f0000000440)=0xc)
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x24b6422, &(0x7f0000000180)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=r1])

00:24:24 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x202283, 0x0)
signalfd(r0, &(0x7f0000000180), 0x8)

00:24:24 executing program 4:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/stat\x00')
getdents64(r0, 0x0, 0x0)

00:24:24 executing program 2:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r0, 0x0)
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ftruncate(r1, 0x2008001)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

00:24:24 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100000001}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x5}, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
write$cgroup_type(r1, &(0x7f0000000080), 0xfffffe58)
removexattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@known='system.posix_acl_access\x00')
lsetxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)

[  280.992452][   T25] kauditd_printk_skb: 81 callbacks suppressed
[  280.992463][   T25] audit: type=1400 audit(1622420664.428:436): avc:  denied  { mac_admin } for  pid=21931 comm="syz-executor.3" capability=33  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[  281.093146][T21983] hugetlbfs: Bad value '0x00000000ffffffff' for mount option 'uid'
[  281.093146][T21983] 
00:24:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x80f514ca7b56cb5b, 0x0, 0x0, {{}, {@val={0x8, 0x10}, @val={0xc}}}}, 0x28}}, 0x0)

00:24:24 executing program 4:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/stat\x00')
getdents64(r0, 0x0, 0x0)

[  281.133648][ T1033]  loop1: p2 < > p3 p4
[  281.138617][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  281.159338][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  281.165512][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:24 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000003c0)={0x0, <r1=>0x0}, &(0x7f0000000440)=0xc)
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x24b6422, &(0x7f0000000180)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=r1])

00:24:24 executing program 4:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/stat\x00')
getdents64(r0, 0x0, 0x0)

[  281.179141][T21999] validate_nla: 10 callbacks suppressed
[  281.179153][T21999] netlink: 'syz-executor.1': attribute type 16 has an invalid length.
[  281.221161][T22004] netlink: 'syz-executor.1': attribute type 16 has an invalid length.
00:24:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x80f514ca7b56cb5b, 0x0, 0x0, {{}, {@val={0x8, 0x10}, @val={0xc}}}}, 0x28}}, 0x0)

[  281.242979][ T1033]  loop5: p2 < > p3 p4
[  281.243268][T22008] hugetlbfs: Bad value '0x00000000ffffffff' for mount option 'uid'
[  281.243268][T22008] 
[  281.258574][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:24:24 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
clone(0x20000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f00000000c0))

[  281.287418][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  281.293603][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  281.327645][T22017] netlink: 'syz-executor.1': attribute type 16 has an invalid length.
[  281.349481][T22019] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
[  281.372771][T22020] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
[  281.373149][ T1033]  loop1: p2 < > p3 p4
[  281.403808][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  281.417962][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  281.424226][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  281.442660][ T1033]  loop5: p2 < > p3 p4
[  281.447025][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  281.453831][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  281.460039][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  281.482069][ T1033]  loop2: p2 < > p3 p4
[  281.487347][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  281.494085][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  281.500299][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:25 executing program 0:
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0xa, 0x0, 0x0, 0x0, 0x1)

00:24:25 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
clone(0x20000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f00000000c0))

00:24:25 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x80f514ca7b56cb5b, 0x0, 0x0, {{}, {@val={0x8, 0x10}, @val={0xc}}}}, 0x28}}, 0x0)

00:24:25 executing program 5:
clone(0x4000000006ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='wchan\x00')
r1 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setreuid(0x0, r2)
setreuid(0x0, 0x0)
exit(0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000001380)=""/4080, 0xff0}], 0x1, 0x0, 0x0)

00:24:25 executing program 2:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r0, 0x0)
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ftruncate(r1, 0x2008001)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

00:24:25 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100000001}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x5}, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
write$cgroup_type(r1, &(0x7f0000000080), 0xfffffe58)
removexattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@known='system.posix_acl_access\x00')
lsetxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)

00:24:25 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
clone(0x20000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f00000000c0))

00:24:25 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x80f514ca7b56cb5b, 0x0, 0x0, {{}, {@val={0x8, 0x10}, @val={0xc}}}}, 0x28}}, 0x0)

[  281.970414][T22056] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
[  281.992364][T22062] netlink: 'syz-executor.1': attribute type 16 has an invalid length.
00:24:25 executing program 5:
clone(0x4000000006ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='wchan\x00')
r1 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setreuid(0x0, r2)
setreuid(0x0, 0x0)
exit(0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000001380)=""/4080, 0xff0}], 0x1, 0x0, 0x0)

[  282.034219][ T1033]  loop1: p2 < > p3 p4
[  282.038468][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  282.056375][T22068] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
[  282.057074][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  282.072563][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:25 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
clone(0x20000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f00000000c0))

00:24:25 executing program 5:
clone(0x4000000006ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='wchan\x00')
r1 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setreuid(0x0, r2)
setreuid(0x0, 0x0)
exit(0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000001380)=""/4080, 0xff0}], 0x1, 0x0, 0x0)

00:24:25 executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x349300, 0x0)
readahead(r0, 0x0, 0x0)

[  282.086583][T22077] netlink: 'syz-executor.1': attribute type 16 has an invalid length.
00:24:25 executing program 4:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000240)=0x76, 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c}}, @rights={{0x10}}], 0x30}, 0x0)
connect$unix(r0, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r0, &(0x7f0000001380)=[{&(0x7f0000000000)="d2", 0x1}], 0x1)
recvmmsg(r0, &(0x7f0000000300), 0x40000000000049e, 0x0, 0x0)

[  282.155522][T22087] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
[  282.177019][ T1033]  loop5: p2 < > p3 p4
[  282.196601][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  282.215665][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  282.221881][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  282.249985][ T1033]  loop1: p2 < > p3 p4
[  282.254129][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  282.275226][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  282.281436][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  282.309711][ T1033]  loop1: p2 < > p3 p4
[  282.314222][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  282.321304][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  282.327479][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  282.346338][ T1033]  loop5: p2 < > p3 p4
[  282.350906][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  282.358012][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  282.364170][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  282.383213][ T1033]  loop2: p2 < > p3 p4
[  282.387600][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  282.396965][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  282.403133][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:26 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100000001}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x5}, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
write$cgroup_type(r1, &(0x7f0000000080), 0xfffffe58)
removexattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@known='system.posix_acl_access\x00')
lsetxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)

00:24:26 executing program 5:
clone(0x4000000006ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='wchan\x00')
r1 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setreuid(0x0, r2)
setreuid(0x0, 0x0)
exit(0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000001380)=""/4080, 0xff0}], 0x1, 0x0, 0x0)

00:24:26 executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x349300, 0x0)
readahead(r0, 0x0, 0x0)

00:24:26 executing program 4:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000240)=0x76, 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c}}, @rights={{0x10}}], 0x30}, 0x0)
connect$unix(r0, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r0, &(0x7f0000001380)=[{&(0x7f0000000000)="d2", 0x1}], 0x1)
recvmmsg(r0, &(0x7f0000000300), 0x40000000000049e, 0x0, 0x0)

00:24:26 executing program 2:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000240)=0x76, 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c}}, @rights={{0x10}}], 0x30}, 0x0)
connect$unix(r0, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r0, &(0x7f0000001380)=[{&(0x7f0000000000)="d2", 0x1}], 0x1)
recvmmsg(r0, &(0x7f0000000300), 0x40000000000049e, 0x0, 0x0)

00:24:26 executing program 0:
perf_event_open$cgroup(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x811}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

00:24:26 executing program 2:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000240)=0x76, 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c}}, @rights={{0x10}}], 0x30}, 0x0)
connect$unix(r0, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r0, &(0x7f0000001380)=[{&(0x7f0000000000)="d2", 0x1}], 0x1)
recvmmsg(r0, &(0x7f0000000300), 0x40000000000049e, 0x0, 0x0)

00:24:26 executing program 5:
sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x0, 0x70bd25, 0x25dfdbfd}, 0x14}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x83600, 0x6, &(0x7f0000000540)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000000000004000000000002000020000020000000ddf4655fddf4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000000001000008000000d24200001203", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000026856d49a00cc4371bd6a7c893f280045010040", 0x1f, 0x4e0}, {&(0x7f0000010300)="03", 0xfeb1, 0x640}, {&(0x7f0000010400)="030000000400000005", 0x9, 0x800}, {&(0x7f0000010e00)="ed41000000040000ddf4655fddf4655fddf4655f000000000000040020", 0x1d, 0x1500}, {&(0x7f00000000c0)="80810000007f", 0xfc3b, 0x1600}], 0x81, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000020e75b034f740074b3298c649e7dedf7afc024fc03b5cab1cc9e890a3b9930040da2b985068801ac9e92f9e82d34b6896b99ae5f1b57656a4207b3a4bcd9f3abcbc842829489c8e350d1a3f44b47959f1f6187ec1b600eee01cf1d59daaa731559db9f439d42a9bae38724069074e12fd6f6593612ca9229b2ea37f348debf0cdf9e154589587091ba49fc019f13ecaae4daab5d01c4bd605f8e2e8fab972e99c9f718b895d3e3e940a6a7d32e1ff87ebc12e1242064e90e416f30af59b4ab89855b5ae165c0f1c35d6f93724bb4159073fb6f50bec68c98d564465203868d1927f5a49753d8c463530a356a901a55d0f069165c277dc0908e7fd17606a15a91f5c4c2dd5cf83a98b6f5c3e6a5ce98ed24cf2ee76d1e2bd32375a8e53991b20843d63e27"])

00:24:26 executing program 4:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000240)=0x76, 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c}}, @rights={{0x10}}], 0x30}, 0x0)
connect$unix(r0, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r0, &(0x7f0000001380)=[{&(0x7f0000000000)="d2", 0x1}], 0x1)
recvmmsg(r0, &(0x7f0000000300), 0x40000000000049e, 0x0, 0x0)

00:24:26 executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x349300, 0x0)
readahead(r0, 0x0, 0x0)

00:24:26 executing program 0:
perf_event_open$cgroup(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x811}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[  282.913408][ T1033]  loop2: p2 < > p3 p4
[  282.917592][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  282.924346][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  282.930548][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:26 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x45, 0xda1, 0x0)
r1 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000140)="0f", 0x1, 0xfffffffffffffffe)
keyctl$setperm(0x5, r1, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
keyctl$get_security(0x11, r1, 0x0, 0x0)

[  283.016170][ T1033]  loop5: p2 < > p3 p4
[  283.034418][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  283.049850][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  283.056005][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  283.077884][ T1033]  loop1: p2 < > p3 p4
[  283.082124][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  283.090205][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  283.096379][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  283.133843][ T1033]  loop5: p2 < > p3 p4
[  283.138178][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  283.145109][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  283.151280][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  283.172373][ T1033]  loop1: p2 < > p3 p4
[  283.176496][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
00:24:26 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x45, 0xda1, 0x0)
r1 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000140)="0f", 0x1, 0xfffffffffffffffe)
keyctl$setperm(0x5, r1, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
keyctl$get_security(0x11, r1, 0x0, 0x0)

00:24:26 executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x349300, 0x0)
readahead(r0, 0x0, 0x0)

00:24:26 executing program 0:
perf_event_open$cgroup(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x811}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

00:24:26 executing program 4:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000240)=0x76, 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c}}, @rights={{0x10}}], 0x30}, 0x0)
connect$unix(r0, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r0, &(0x7f0000001380)=[{&(0x7f0000000000)="d2", 0x1}], 0x1)
recvmmsg(r0, &(0x7f0000000300), 0x40000000000049e, 0x0, 0x0)

00:24:26 executing program 2:
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000240)=0x76, 0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@cred={{0x1c}}, @rights={{0x10}}], 0x30}, 0x0)
connect$unix(r0, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r0, &(0x7f0000001380)=[{&(0x7f0000000000)="d2", 0x1}], 0x1)
recvmmsg(r0, &(0x7f0000000300), 0x40000000000049e, 0x0, 0x0)

00:24:26 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8d, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, &(0x7f0000000080)=""/238, 0xee)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000300)={0x1})
r3 = dup2(r2, r2)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r3, 0xc0bc5351, &(0x7f00000003c0)={0xfb, 0x0, 'client0\x00', 0x0, "eed006e17c7e0471", "516f97daa2bff2ceb3104dce2589865e5b5c753b7ef2b5bd5a603cad865a10d8"})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc08c5332, &(0x7f0000000180)={{}, 'port1\x00'})
tkill(r1, 0x7)

[  283.183256][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  283.189434][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:26 executing program 0:
perf_event_open$cgroup(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x811}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

00:24:26 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x45, 0xda1, 0x0)
r1 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000140)="0f", 0x1, 0xfffffffffffffffe)
keyctl$setperm(0x5, r1, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
keyctl$get_security(0x11, r1, 0x0, 0x0)

00:24:26 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x3b, 0x0, &(0x7f0000000040))

00:24:26 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$MON_IOCG_STATS(r0, 0x80086601, 0x0)

00:24:26 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r0, &(0x7f0000000440)={{0x1b, 0x5b, 0x7, 0x7, 0x31, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x105d, 0x40}, [{}]}, 0x78)

[  283.246849][ T1033]  loop2: p2 < > p3 p4
[  283.257655][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  283.282578][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  283.288830][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:26 executing program 0:
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',afid=0x0000000600000000'])

00:24:26 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x45, 0xda1, 0x0)
r1 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000140)="0f", 0x1, 0xfffffffffffffffe)
keyctl$setperm(0x5, r1, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
keyctl$get_security(0x11, r1, 0x0, 0x0)

[  283.347258][ T1033]  loop5: p2 < > p3 p4
00:24:26 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$MON_IOCG_STATS(r0, 0x80086601, 0x0)

00:24:26 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x3b, 0x0, &(0x7f0000000040))

00:24:26 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r0, &(0x7f0000000440)={{0x1b, 0x5b, 0x7, 0x7, 0x31, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x105d, 0x40}, [{}]}, 0x78)

00:24:26 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x3b, 0x0, &(0x7f0000000040))

[  283.372130][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  283.398838][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  283.405021][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  283.474043][ T1033]  loop5: p2 < > p3 p4
[  283.478317][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  283.488273][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  283.494596][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:26 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8d, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, &(0x7f0000000080)=""/238, 0xee)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000300)={0x1})
r3 = dup2(r2, r2)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r3, 0xc0bc5351, &(0x7f00000003c0)={0xfb, 0x0, 'client0\x00', 0x0, "eed006e17c7e0471", "516f97daa2bff2ceb3104dce2589865e5b5c753b7ef2b5bd5a603cad865a10d8"})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc08c5332, &(0x7f0000000180)={{}, 'port1\x00'})
tkill(r1, 0x7)

00:24:26 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$MON_IOCG_STATS(r0, 0x80086601, 0x0)

00:24:26 executing program 0:
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',afid=0x0000000600000000'])

00:24:26 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x3b, 0x0, &(0x7f0000000040))

00:24:26 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r0, &(0x7f0000000440)={{0x1b, 0x5b, 0x7, 0x7, 0x31, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x105d, 0x40}, [{}]}, 0x78)

00:24:26 executing program 5:
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
shmat(r0, &(0x7f0000ffb000/0x3000)=nil, 0x4000)
r1 = shmget(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
shmat(r1, &(0x7f0000ffb000/0x4000)=nil, 0x6000)

[  283.528843][ T1033]  loop1: p2 < > p3 p4
[  283.533070][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  283.540167][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  283.546444][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:27 executing program 4:
set_mempolicy(0x3, &(0x7f00000001c0)=0x100000001, 0x3)
timerfd_create(0x1, 0x0)

00:24:27 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$MON_IOCG_STATS(r0, 0x80086601, 0x0)

00:24:27 executing program 5:
r0 = syz_io_uring_setup(0x187, &(0x7f0000000340), &(0x7f00004f4000/0x4000)=nil, &(0x7f0000116000/0x4000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
eventfd2(0x0, 0x0)
fcntl$dupfd(r0, 0x0, r0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0}, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x3b61, 0x0, 0x0, 0x0, 0x0)

00:24:27 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r0, &(0x7f0000000440)={{0x1b, 0x5b, 0x7, 0x7, 0x31, 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x105d, 0x40}, [{}]}, 0x78)

00:24:27 executing program 0:
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',afid=0x0000000600000000'])

00:24:27 executing program 4:
set_mempolicy(0x3, &(0x7f00000001c0)=0x100000001, 0x3)
timerfd_create(0x1, 0x0)

[  283.607220][ T1033]  loop1: p2 < > p3 p4
[  283.626076][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  283.633965][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  283.640190][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  283.688101][ T1033]  loop1: p2 < > p3 p4
[  283.697070][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  283.710091][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  283.716264][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  283.771924][ T1033]  loop2: p2 < > p3 p4
[  283.776223][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  283.783421][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  283.789794][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  283.806035][ T1033]  loop5: p2 < > p3 p4
[  283.810289][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:24:27 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8d, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, &(0x7f0000000080)=""/238, 0xee)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000300)={0x1})
r3 = dup2(r2, r2)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r3, 0xc0bc5351, &(0x7f00000003c0)={0xfb, 0x0, 'client0\x00', 0x0, "eed006e17c7e0471", "516f97daa2bff2ceb3104dce2589865e5b5c753b7ef2b5bd5a603cad865a10d8"})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc08c5332, &(0x7f0000000180)={{}, 'port1\x00'})
tkill(r1, 0x7)

00:24:27 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)={0x1c, r1, 0x1, 0x0, 0x0, {{0x3}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

00:24:27 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x166, &(0x7f0000000140)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabe0728d48d59f2324ddf79bae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fc11645f38518dab0aa94ad60d0668d3bbe0625d5d2e3bb987d1e09ab308157bb66b62df75d5c4af3c2a3c5b265ca2955257c94fc8748ba704a5850374975b8998714db8995aeb371e36f9037e022a3506a303bbb9a82c5ab9cba314ab51a6a9ed1b372bd3c2002f99789b922446b6e0b62303635ab0d86dc2b3f6b0ee477a7e7a255a4d86a3278d626a0dae3529694236337525f692228c78f16de7ec68c5bb82d51009c583023d0adfd8386fe4cf4e81751193f883cea666339b69727a8179ee0b7cfa6fbb07"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = getpid()
tkill(r2, 0x35)

00:24:27 executing program 5:
r0 = syz_io_uring_setup(0x187, &(0x7f0000000340), &(0x7f00004f4000/0x4000)=nil, &(0x7f0000116000/0x4000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
eventfd2(0x0, 0x0)
fcntl$dupfd(r0, 0x0, r0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0}, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x3b61, 0x0, 0x0, 0x0, 0x0)

00:24:27 executing program 0:
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',afid=0x0000000600000000'])

00:24:27 executing program 4:
set_mempolicy(0x3, &(0x7f00000001c0)=0x100000001, 0x3)
timerfd_create(0x1, 0x0)

[  283.817255][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  283.823420][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:27 executing program 4:
set_mempolicy(0x3, &(0x7f00000001c0)=0x100000001, 0x3)
timerfd_create(0x1, 0x0)

00:24:27 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x166, &(0x7f0000000140)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabe0728d48d59f2324ddf79bae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fc11645f38518dab0aa94ad60d0668d3bbe0625d5d2e3bb987d1e09ab308157bb66b62df75d5c4af3c2a3c5b265ca2955257c94fc8748ba704a5850374975b8998714db8995aeb371e36f9037e022a3506a303bbb9a82c5ab9cba314ab51a6a9ed1b372bd3c2002f99789b922446b6e0b62303635ab0d86dc2b3f6b0ee477a7e7a255a4d86a3278d626a0dae3529694236337525f692228c78f16de7ec68c5bb82d51009c583023d0adfd8386fe4cf4e81751193f883cea666339b69727a8179ee0b7cfa6fbb07"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = getpid()
tkill(r2, 0x35)

00:24:27 executing program 0:
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x1e, r0, r0, r1, 0x0)

00:24:27 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)={0x1c, r1, 0x1, 0x0, 0x0, {{0x3}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

[  283.887647][ T1033]  loop2: p2 < > p3 p4
[  283.895431][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  283.924625][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  283.930836][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:27 executing program 5:
r0 = syz_io_uring_setup(0x187, &(0x7f0000000340), &(0x7f00004f4000/0x4000)=nil, &(0x7f0000116000/0x4000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
eventfd2(0x0, 0x0)
fcntl$dupfd(r0, 0x0, r0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0}, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x3b61, 0x0, 0x0, 0x0, 0x0)

00:24:27 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x166, &(0x7f0000000140)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabe0728d48d59f2324ddf79bae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fc11645f38518dab0aa94ad60d0668d3bbe0625d5d2e3bb987d1e09ab308157bb66b62df75d5c4af3c2a3c5b265ca2955257c94fc8748ba704a5850374975b8998714db8995aeb371e36f9037e022a3506a303bbb9a82c5ab9cba314ab51a6a9ed1b372bd3c2002f99789b922446b6e0b62303635ab0d86dc2b3f6b0ee477a7e7a255a4d86a3278d626a0dae3529694236337525f692228c78f16de7ec68c5bb82d51009c583023d0adfd8386fe4cf4e81751193f883cea666339b69727a8179ee0b7cfa6fbb07"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = getpid()
tkill(r2, 0x35)

[  283.983937][ T1033]  loop5: p2 < > p3 p4
[  283.994643][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  284.010623][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  284.016824][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  284.048121][ T1033]  loop1: p2 < > p3 p4
[  284.052268][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  284.059536][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  284.065689][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  284.082793][ T1033]  loop5: p2 < > p3 p4
[  284.086931][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:24:27 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8d, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, &(0x7f0000000080)=""/238, 0xee)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000300)={0x1})
r3 = dup2(r2, r2)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r3, 0xc0bc5351, &(0x7f00000003c0)={0xfb, 0x0, 'client0\x00', 0x0, "eed006e17c7e0471", "516f97daa2bff2ceb3104dce2589865e5b5c753b7ef2b5bd5a603cad865a10d8"})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc08c5332, &(0x7f0000000180)={{}, 'port1\x00'})
tkill(r1, 0x7)

00:24:27 executing program 0:
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x1e, r0, r0, r1, 0x0)

00:24:27 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)={0x1c, r1, 0x1, 0x0, 0x0, {{0x3}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

00:24:27 executing program 4:
r0 = socket(0x2, 0x3, 0x81)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000680)=0x554, 0x4)
sendmsg$unix(r0, &(0x7f0000002580)={&(0x7f0000000000), 0x6e, 0x0}, 0x0)
recvfrom(r0, 0x0, 0x0, 0x2040, 0x0, 0x0)

00:24:27 executing program 5:
r0 = syz_io_uring_setup(0x187, &(0x7f0000000340), &(0x7f00004f4000/0x4000)=nil, &(0x7f0000116000/0x4000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
eventfd2(0x0, 0x0)
fcntl$dupfd(r0, 0x0, r0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0}, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x3b61, 0x0, 0x0, 0x0, 0x0)

00:24:27 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x166, &(0x7f0000000140)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabe0728d48d59f2324ddf79bae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fc11645f38518dab0aa94ad60d0668d3bbe0625d5d2e3bb987d1e09ab308157bb66b62df75d5c4af3c2a3c5b265ca2955257c94fc8748ba704a5850374975b8998714db8995aeb371e36f9037e022a3506a303bbb9a82c5ab9cba314ab51a6a9ed1b372bd3c2002f99789b922446b6e0b62303635ab0d86dc2b3f6b0ee477a7e7a255a4d86a3278d626a0dae3529694236337525f692228c78f16de7ec68c5bb82d51009c583023d0adfd8386fe4cf4e81751193f883cea666339b69727a8179ee0b7cfa6fbb07"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = getpid()
tkill(r2, 0x35)

[  284.093974][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  284.100224][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  284.117241][ T1033]  loop2: p2 < > p3 p4
[  284.121797][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  284.142519][ T1033] loop2: p3 start 225 is beyond EOD, truncated
00:24:27 executing program 0:
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x1e, r0, r0, r1, 0x0)

[  284.148717][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  284.184842][ T1033]  loop1: p2 < > p3 p4
00:24:27 executing program 1:
set_mempolicy(0x2, &(0x7f0000000000)=0x9, 0x40)
r0 = socket(0x2, 0x3, 0x100)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_retopts={{0x24, 0x0, 0x7, {[@timestamp_addr={0x44, 0x14, 0x7c, 0x1, 0x0, [{@multicast2}, {}]}]}}}], 0x28}, 0x0)

00:24:27 executing program 5:
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)

00:24:27 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)={0x1c, r1, 0x1, 0x0, 0x0, {{0x3}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

00:24:27 executing program 0:
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x1e, r0, r0, r1, 0x0)

00:24:27 executing program 4:
r0 = socket(0x2, 0x3, 0x81)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000680)=0x554, 0x4)
sendmsg$unix(r0, &(0x7f0000002580)={&(0x7f0000000000), 0x6e, 0x0}, 0x0)
recvfrom(r0, 0x0, 0x0, 0x2040, 0x0, 0x0)

[  284.196339][T22391] raw_sendmsg: syz-executor.4 forgot to set AF_INET. Fix it!
[  284.204996][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  284.219318][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  284.225632][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  284.282637][ T1033]  loop2: p2 < > p3 p4
[  284.288022][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  284.306183][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  284.312370][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  284.332988][ T1033]  loop5: p2 < > p3 p4
[  284.337217][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  284.343842][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  284.350017][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  284.365371][ T1033]  loop1: p2 < > p3 p4
[  284.369510][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  284.376039][ T1033] loop1: p3 start 225 is beyond EOD, truncated
00:24:27 executing program 5:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
pread64(r0, &(0x7f0000000300)=""/58, 0x2000033a, 0x0)

00:24:27 executing program 2:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='ro'])

00:24:27 executing program 4:
r0 = socket(0x2, 0x3, 0x81)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000680)=0x554, 0x4)
sendmsg$unix(r0, &(0x7f0000002580)={&(0x7f0000000000), 0x6e, 0x0}, 0x0)
recvfrom(r0, 0x0, 0x0, 0x2040, 0x0, 0x0)

00:24:27 executing program 1:
set_mempolicy(0x2, &(0x7f0000000000)=0x9, 0x40)
r0 = socket(0x2, 0x3, 0x100)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_retopts={{0x24, 0x0, 0x7, {[@timestamp_addr={0x44, 0x14, 0x7c, 0x1, 0x0, [{@multicast2}, {}]}]}}}], 0x28}, 0x0)

00:24:27 executing program 0:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000005a0001"], 0x14}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

00:24:27 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

[  284.382325][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:27 executing program 1:
set_mempolicy(0x2, &(0x7f0000000000)=0x9, 0x40)
r0 = socket(0x2, 0x3, 0x100)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_retopts={{0x24, 0x0, 0x7, {[@timestamp_addr={0x44, 0x14, 0x7c, 0x1, 0x0, [{@multicast2}, {}]}]}}}], 0x28}, 0x0)

[  284.448653][ T1033]  loop1: p2 < > p3 p4
[  284.458819][  T614] blk_update_request: I/O error, dev loop7, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  284.462767][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  284.470890][T22447] isofs_fill_super: bread failed, dev=loop7, iso_blknum=16, block=32
00:24:27 executing program 2:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='ro'])

00:24:27 executing program 4:
r0 = socket(0x2, 0x3, 0x81)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000680)=0x554, 0x4)
sendmsg$unix(r0, &(0x7f0000002580)={&(0x7f0000000000), 0x6e, 0x0}, 0x0)
recvfrom(r0, 0x0, 0x0, 0x2040, 0x0, 0x0)

[  284.493825][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  284.500036][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:28 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

00:24:28 executing program 2:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='ro'])

[  284.541910][  T883] blk_update_request: I/O error, dev loop7, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  284.552895][T22447] isofs_fill_super: bread failed, dev=loop7, iso_blknum=16, block=32
00:24:28 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

[  284.594029][ T1033]  loop1: p2 < > p3 p4
[  284.598388][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  284.605318][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  284.611486][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  284.648232][  T883] blk_update_request: I/O error, dev loop9, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  284.659479][T22475] isofs_fill_super: bread failed, dev=loop9, iso_blknum=16, block=32
[  284.661835][  T614] blk_update_request: I/O error, dev loop7, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  284.679375][T22476] isofs_fill_super: bread failed, dev=loop7, iso_blknum=16, block=32
[  284.734187][ T1033]  loop2: p2 < > p3 p4
[  284.738814][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  284.745582][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  284.751811][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  284.767986][ T1033]  loop2: p2 < > p3 p4
[  284.772127][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  284.779633][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  284.785833][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  284.803222][ T1033]  loop2: p2 < > p3 p4
[  284.807556][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  284.814364][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  284.820548][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:28 executing program 5:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
pread64(r0, &(0x7f0000000300)=""/58, 0x2000033a, 0x0)

00:24:28 executing program 1:
set_mempolicy(0x2, &(0x7f0000000000)=0x9, 0x40)
r0 = socket(0x2, 0x3, 0x100)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_retopts={{0x24, 0x0, 0x7, {[@timestamp_addr={0x44, 0x14, 0x7c, 0x1, 0x0, [{@multicast2}, {}]}]}}}], 0x28}, 0x0)

00:24:28 executing program 2:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='ro'])

00:24:28 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

00:24:28 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

00:24:28 executing program 0:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000005a0001"], 0x14}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

[  285.310819][ T1033]  loop5: p2 < > p3 p4
[  285.315974][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  285.346683][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  285.352886][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:28 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

00:24:28 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

00:24:28 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
fstat(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setreuid(0xee00, r2)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000001b80)={0x5}, 0x4)

[  285.367444][  T883] blk_update_request: I/O error, dev loop9, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  285.380041][T22520] isofs_fill_super: bread failed, dev=loop9, iso_blknum=16, block=32
[  285.380316][  T614] blk_update_request: I/O error, dev loop7, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  285.400328][T22521] isofs_fill_super: bread failed, dev=loop7, iso_blknum=16, block=32
00:24:28 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

[  285.451238][ T1033]  loop1: p2 < > p3 p4
[  285.452216][T22530] ISOFS: Unable to identify CD-ROM format.
[  285.459892][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  285.474887][  T614] blk_update_request: I/O error, dev loop9, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  285.486773][T22539] isofs_fill_super: bread failed, dev=loop9, iso_blknum=16, block=32
00:24:28 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
fstat(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setreuid(0xee00, r2)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000001b80)={0x5}, 0x4)

[  285.503157][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  285.509444][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:29 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

[  285.542962][  T883] blk_update_request: I/O error, dev loop7, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  285.554034][T22549] isofs_fill_super: bread failed, dev=loop7, iso_blknum=16, block=32
[  285.605752][ T1033]  loop2: p2 < > p3 p4
[  285.610001][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  285.612952][T22559] ISOFS: Unable to identify CD-ROM format.
[  285.617591][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  285.628373][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  285.684149][ T1033]  loop2: p2 < > p3 p4
[  285.688426][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  285.695279][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  285.701481][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  285.723923][ T1033]  loop1: p2 < > p3 p4
[  285.728208][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  285.735226][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  285.741421][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  285.791308][ T1033]  loop2: p2 < > p3 p4
[  285.795660][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  285.803046][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  285.809467][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  285.833579][ T1033]  loop1: p2 < > p3 p4
[  285.837797][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  285.844399][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  285.850568][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  285.871725][ T1033]  loop1: p2 < > p3 p4
[  285.875898][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  285.883129][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  285.889290][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:29 executing program 5:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
pread64(r0, &(0x7f0000000300)=""/58, 0x2000033a, 0x0)

00:24:29 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
fstat(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setreuid(0xee00, r2)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000001b80)={0x5}, 0x4)

00:24:29 executing program 3:
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x11, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)

00:24:29 executing program 4:
set_mempolicy(0x1, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000002280)={&(0x7f00000004c0)=@updsa={0x138, 0x1a, 0x1, 0x0, 0x0, {{@in6=@empty, @in6=@local}, {@in6=@dev, 0x0, 0x33}, @in6=@private1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'cmac(aes)\x00'}}}]}, 0x138}}, 0x0)

00:24:29 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
clone(0x26100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x24, 0x1, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="2e2f66696c653000bd8156fc"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
fork()
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
exit_group(0x4)
setregid(0x0, r2)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x5, 0x8, &(0x7f00000004c0)=[{&(0x7f00000001c0)="dd60387e0c74e861945a12ab0f5271cc156fb07f6341256e329cf8bc76eb3c61b627b8651ecf937c56a2c15792", 0x2d, 0x9}, {&(0x7f0000000200)="26efe8baa52e65c2c34a5cc61532619e3d783eee74829e899c1743ec734f82febb94c68514dda36e485b3e0821cd47cc58", 0x31}, {&(0x7f0000000240)="1f3b5206f6dbe2c4f75940a15ca88e292c1b4d3262ed5abe7f9989852ee6185f9a619f06051476256b456665ce8ea30f472a211c2a8359d4dfb5c16881a6bd4313b8", 0x42, 0x1}, {&(0x7f00000002c0)="5dfedd9289a25bc69ea65a6c62d6eacefa956f34ac375591c94f9242e7a64b648de4828f6f3534e3b33092275c984e3077f7bdb59166d13e84", 0x39, 0x5}, {&(0x7f0000000300)="d1ef950271265f20b3fa58c2ac2ccf35426c8a4e767a97a5cc", 0x19, 0x6}, {&(0x7f0000000340)="d816627d9473e76756461ff918ac9fc249eea81ad4ab0b8a2f47783d175b3937752b833e367a9a945f1526908b0efc2257ef289fa914a7f95003d0a8eef84c0f215b5ba208b7e125", 0x48, 0x7}, {&(0x7f00000003c0)="d1625802bc017408c7aec42d9d389c835c77edad7c65498a0438f017c3789e4320f829c61a57c4cff743a65c5e308417cb72a923ea461ab01d075c3accc8063bbc26ef08a3ec4a1d3b3f00c575673dfb", 0x50, 0x4}, {&(0x7f0000000440)="e77ec73af7369ec45ddd1a5a5740393fcb8ab480a60c9bbe7ec3cb1acca0164f71d7eca290af5596f1aa352bbf055459c16d1f73496b39a57bda68e5dccee975a47b6c3b6a6e8e49c7b3c1f24f5a8dbcd7545f2593f4e90a4c8589f132fdf56079", 0x61}], 0x40, &(0x7f00000005c0)={[{@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x34, 0x74, 0x31, 0xd, 0x65, 0x34]}}, {@mpol={'mpol', 0x3d, {'bind', '', @void}}}, {@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x2c, 0x31, 0xb, 0x35, 0x31, 0x30, 0x0, 0x37, 0x33]}}}}, {@size={'size', 0x3d, [0x78, 0x35, 0x37, 0x39, 0x78, 0x69, 0x30, 0x78]}}, {@gid={'gid', 0x3d, r2}}, {@huge_never}, {@huge_advise}], [{@uid_lt}, {@smackfshat={'smackfshat', 0x3d, 'iso9660\x00'}}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000580)=0x80, 0x80800)

00:24:29 executing program 0:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000005a0001"], 0x14}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

[  286.206645][ T1033]  loop5: p2 < > p3 p4
[  286.210900][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  286.235046][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  286.241254][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:29 executing program 3:
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x11, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)

00:24:29 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
fstat(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setreuid(0xee00, r2)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000001b80)={0x5}, 0x4)

00:24:29 executing program 4:
set_mempolicy(0x1, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000002280)={&(0x7f00000004c0)=@updsa={0x138, 0x1a, 0x1, 0x0, 0x0, {{@in6=@empty, @in6=@local}, {@in6=@dev, 0x0, 0x33}, @in6=@private1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'cmac(aes)\x00'}}}]}, 0x138}}, 0x0)

[  286.262423][T22627] ISOFS: Unable to identify CD-ROM format.
00:24:29 executing program 3:
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x11, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)

00:24:29 executing program 4:
set_mempolicy(0x1, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000002280)={&(0x7f00000004c0)=@updsa={0x138, 0x1a, 0x1, 0x0, 0x0, {{@in6=@empty, @in6=@local}, {@in6=@dev, 0x0, 0x33}, @in6=@private1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'cmac(aes)\x00'}}}]}, 0x138}}, 0x0)

00:24:29 executing program 1:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

[  286.330009][ T1033]  loop1: p2 < > p3 p4
[  286.338640][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  286.345901][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  286.352194][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  286.383384][ T1033]  loop2: p2 < > p3 p4
[  286.394251][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  286.412938][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  286.419131][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  286.467655][ T1033]  loop1: p2 < > p3 p4
[  286.471936][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  286.479596][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  286.485780][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  286.513681][ T1033]  loop2: p2 < > p3 p4
[  286.517963][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  286.524565][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  286.530761][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:30 executing program 5:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
pread64(r0, &(0x7f0000000300)=""/58, 0x2000033a, 0x0)

00:24:30 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xe, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_open_dev$evdev(&(0x7f0000000200), 0x0, 0x24900)

00:24:30 executing program 3:
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x11, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)

00:24:30 executing program 4:
set_mempolicy(0x1, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000002280)={&(0x7f00000004c0)=@updsa={0x138, 0x1a, 0x1, 0x0, 0x0, {{@in6=@empty, @in6=@local}, {@in6=@dev, 0x0, 0x33}, @in6=@private1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'cmac(aes)\x00'}}}]}, 0x138}}, 0x0)

00:24:30 executing program 1:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

00:24:30 executing program 0:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000005a0001"], 0x14}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

00:24:30 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xe, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_open_dev$evdev(&(0x7f0000000200), 0x0, 0x24900)

00:24:30 executing program 4:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

00:24:30 executing program 3:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

[  287.106805][ T1033]  loop5: p2 < > p3 p4
[  287.111047][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  287.127881][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  287.134067][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:30 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xe, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_open_dev$evdev(&(0x7f0000000200), 0x0, 0x24900)

00:24:30 executing program 1:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

00:24:30 executing program 4:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

[  287.217320][ T1033]  loop2: p2 < > p3 p4
[  287.226103][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  287.258999][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  287.265196][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  287.367713][ T1033]  loop1: p2 < > p3 p4
[  287.371963][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  287.378882][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  287.385038][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  287.409263][ T1033]  loop2: p2 < > p3 p4
[  287.413556][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  287.420580][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  287.426819][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  287.461716][ T1033]  loop2: p2 < > p3 p4
[  287.469115][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  287.477637][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  287.483844][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  287.503499][ T1033]  loop1: p2 < > p3 p4
[  287.507626][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  287.514295][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  287.520487][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:31 executing program 0:
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000140)={{}, 0x0, 0x0, @inherit={0x70, &(0x7f00000000c0)=ANY=[@ANYBLOB="010040"]}, @subvolid})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

00:24:31 executing program 4:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

00:24:31 executing program 3:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

00:24:31 executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xe, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_open_dev$evdev(&(0x7f0000000200), 0x0, 0x24900)

00:24:31 executing program 1:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

00:24:31 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

[  288.047605][ T1033]  loop5: p2 < > p3 p4
[  288.051854][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:24:31 executing program 1:
set_mempolicy(0x3, &(0x7f0000000000)=0x3, 0x100)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10)

[  288.136854][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  288.143049][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:31 executing program 4:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000980)="66530700ae897094e71b0fb1f147", 0xe}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x1f, r0, 0x0, 0x0)

[  288.189829][T22766] netlink: 'syz-executor.5': attribute type 11 has an invalid length.
00:24:31 executing program 1:
set_mempolicy(0x3, &(0x7f0000000000)=0x3, 0x100)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10)

00:24:31 executing program 0:
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000140)={{}, 0x0, 0x0, @inherit={0x70, &(0x7f00000000c0)=ANY=[@ANYBLOB="010040"]}, @subvolid})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

00:24:31 executing program 2:
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000140)={{}, 0x0, 0x0, @inherit={0x70, &(0x7f00000000c0)=ANY=[@ANYBLOB="010040"]}, @subvolid})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

00:24:31 executing program 3:
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffc000/0x1000)=nil)
mremap(&(0x7f00005d9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000ffc000/0x4000)=nil)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x15)

[  288.258324][ T1033]  loop1: p2 < > p3 p4
[  288.262475][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  288.305029][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  288.311260][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:31 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000001600010a"], 0x78}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
recvmmsg(r0, &(0x7f00000087c0)=[{{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

00:24:31 executing program 0:
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000140)={{}, 0x0, 0x0, @inherit={0x70, &(0x7f00000000c0)=ANY=[@ANYBLOB="010040"]}, @subvolid})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

[  288.346914][T22811] netlink: 'syz-executor.5': attribute type 11 has an invalid length.
00:24:31 executing program 3:
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="b06f21ffec811bc6ab3999"], 0xe8}}, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102385, 0xfff7}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0))

00:24:31 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

00:24:31 executing program 2:
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000140)={{}, 0x0, 0x0, @inherit={0x70, &(0x7f00000000c0)=ANY=[@ANYBLOB="010040"]}, @subvolid})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

00:24:31 executing program 1:
set_mempolicy(0x3, &(0x7f0000000000)=0x3, 0x100)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10)

00:24:31 executing program 1:
set_mempolicy(0x3, &(0x7f0000000000)=0x3, 0x100)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10)

00:24:31 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000001600010a"], 0x78}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
recvmmsg(r0, &(0x7f00000087c0)=[{{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

00:24:31 executing program 0:
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000140)={{}, 0x0, 0x0, @inherit={0x70, &(0x7f00000000c0)=ANY=[@ANYBLOB="010040"]}, @subvolid})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

00:24:32 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000001600010a"], 0x78}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
recvmmsg(r0, &(0x7f00000087c0)=[{{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

[  288.507834][ T1033]  loop1: p2 < > p3 p4
[  288.512162][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
00:24:32 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

[  288.580763][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  288.586992][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:32 executing program 3:
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="b06f21ffec811bc6ab3999"], 0xe8}}, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102385, 0xfff7}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0))

00:24:32 executing program 2:
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000140)={{}, 0x0, 0x0, @inherit={0x70, &(0x7f00000000c0)=ANY=[@ANYBLOB="010040"]}, @subvolid})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

00:24:32 executing program 3:
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="b06f21ffec811bc6ab3999"], 0xe8}}, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102385, 0xfff7}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0))

00:24:32 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

[  288.701311][ T1033]  loop2: p2 < > p3 p4
[  288.721159][T22823] netlink: 'syz-executor.5': attribute type 11 has an invalid length.
[  288.738268][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
00:24:32 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

00:24:32 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000001600010a"], 0x78}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
recvmmsg(r0, &(0x7f00000087c0)=[{{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

00:24:32 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

[  288.820907][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  288.827200][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:32 executing program 3:
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="b06f21ffec811bc6ab3999"], 0xe8}}, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102385, 0xfff7}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0xa, &(0x7f00000002c0))

00:24:32 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

[  288.936321][T22859] netlink: 'syz-executor.0': attribute type 11 has an invalid length.
00:24:32 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000180)={'raw\x00', 0x4, "14cdeffc"}, &(0x7f0000000240)=0x2c)

[  289.235739][T22864] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[  289.282790][ T1033]  loop5: p2 < > p3 p4
00:24:32 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

00:24:32 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

00:24:32 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000100)={'sit0\x00', 0x0})

[  289.305979][T22879] netlink: 'syz-executor.5': attribute type 11 has an invalid length.
[  289.317276][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  289.332900][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  289.339177][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  289.354075][T22894] netlink: 'syz-executor.0': attribute type 11 has an invalid length.
00:24:32 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000100)={'sit0\x00', 0x0})

00:24:32 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x1f, &(0x7f0000000000)=""/4096, &(0x7f0000001000)=0x1000)

00:24:32 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

00:24:32 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000100)={'sit0\x00', 0x0})

[  289.463959][ T1033]  loop2: p2 < > p3 p4
00:24:32 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000100)={'sit0\x00', 0x0})

[  289.502335][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  289.525997][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  289.532211][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  289.593043][T22900] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  289.667418][T22925] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
00:24:33 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

00:24:33 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

00:24:33 executing program 4:
unshare(0x40000000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8916, &(0x7f00000000c0)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\x0f\x89d:\x8f\xecb6\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00\x00\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/79)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x891c, &(0x7f0000000000)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\xee\x89dD7\xb1\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00p\x16\xc4\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/77)

00:24:33 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000080)=[{0x35}]})

00:24:33 executing program 0:
mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0)
pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff)
munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000)
pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff)
mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil)

[  289.949220][ T1033]  loop1: p2 < > p3 p4
[  289.953437][T22938] netlink: 'syz-executor.0': attribute type 11 has an invalid length.
[  289.963000][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  290.108848][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  290.115565][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:33 executing program 4:
unshare(0x40000000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8916, &(0x7f00000000c0)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\x0f\x89d:\x8f\xecb6\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00\x00\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/79)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x891c, &(0x7f0000000000)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\xee\x89dD7\xb1\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00p\x16\xc4\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/77)

00:24:33 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x11, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
clone3(&(0x7f0000000340)={0x40000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x8}, &(0x7f00000001c0)=""/65, 0x41, &(0x7f0000000240)=""/19, &(0x7f0000000300)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58)
sched_setattr(0x0, &(0x7f00000003c0)={0x38, 0x5, 0x52, 0x7406, 0x9, 0x24c6a831, 0x1, 0x80000001, 0x3ff, 0x800}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000001140)='mountinfo\x00')
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff02000000000000000000000000000100000000320000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c000b000000000000000000e000000100"/268], 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x0)

00:24:33 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000080)=[{0x35}]})

00:24:33 executing program 0:
mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0)
pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff)
munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000)
pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff)
mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil)

00:24:33 executing program 5:
unshare(0x40000000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8916, &(0x7f00000000c0)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\x0f\x89d:\x8f\xecb6\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00\x00\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/79)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x891c, &(0x7f0000000000)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\xee\x89dD7\xb1\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00p\x16\xc4\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/77)

00:24:33 executing program 1:
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x1, 0x0)

00:24:33 executing program 0:
mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0)
pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff)
munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000)
pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff)
mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil)

00:24:33 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000080)=[{0x35}]})

[  290.245252][ T1033]  loop1: p2 < > p3 p4
[  290.249559][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
00:24:33 executing program 4:
unshare(0x40000000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8916, &(0x7f00000000c0)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\x0f\x89d:\x8f\xecb6\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00\x00\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/79)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x891c, &(0x7f0000000000)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\xee\x89dD7\xb1\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00p\x16\xc4\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/77)

[  290.293378][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  290.299602][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:33 executing program 5:
unshare(0x40000000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8916, &(0x7f00000000c0)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\x0f\x89d:\x8f\xecb6\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00\x00\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/79)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x891c, &(0x7f0000000000)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\xee\x89dD7\xb1\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00p\x16\xc4\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/77)

00:24:33 executing program 0:
mbind(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x0, 0x0)
pkey_mprotect(&(0x7f0000ff2000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff)
munmap(&(0x7f0000ff4000/0x3000)=nil, 0x3000)
pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff)
mremap(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ff4000/0x1000)=nil)

00:24:33 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000080)=[{0x35}]})

00:24:33 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6c}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000006340)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000040)="c03e1abd", 0x33fe0}], 0x1}}], 0x1, 0x0)

00:24:34 executing program 3:
r0 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0)
pwritev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)="ed", 0x1}], 0x1, 0x0, 0x0)
fallocate(r0, 0x20, 0x0, 0xfffffeff000)

00:24:34 executing program 5:
unshare(0x40000000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8916, &(0x7f00000000c0)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\x0f\x89d:\x8f\xecb6\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00\x00\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/79)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x891c, &(0x7f0000000000)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\xee\x89dD7\xb1\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00p\x16\xc4\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/77)

00:24:34 executing program 4:
unshare(0x40000000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8916, &(0x7f00000000c0)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\x0f\x89d:\x8f\xecb6\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00\x00\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/79)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x891c, &(0x7f0000000000)='lo:|T{\xdcD\xd2\xaf>o\xd6Q\x00\x19\x02\x00\xdd\xd4\b\xbb\xbb\xb0]\t\xee\x89dD7\xb1\xd6\xd7AF,\xa3\x00\x00\x00\x00\x91\xed\x05\x00p\x16\xc4\x00C\xeb&\xc6\xd6\xcb\x85\x9a\xb6OFl\xd3\x00'/77)

00:24:34 executing program 2:
set_mempolicy(0x3, &(0x7f00000000c0)=0x9, 0x27)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

00:24:34 executing program 1:
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x1, 0x0)

[  290.515120][ T1033]  loop2: p2 < > p3 p4
[  290.523759][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  290.541372][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  290.547585][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:34 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6c}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000006340)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000040)="c03e1abd", 0x33fe0}], 0x1}}], 0x1, 0x0)

00:24:34 executing program 1:
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x1, 0x0)

00:24:34 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6c}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000006340)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000040)="c03e1abd", 0x33fe0}], 0x1}}], 0x1, 0x0)

00:24:34 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/anycast6\x00')
lseek(r0, 0x5, 0x0)

00:24:34 executing program 4:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r0, 0x5607, 0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0)

00:24:34 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x2)

00:24:34 executing program 1:
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x1, 0x0)

[  290.660360][ T1033]  loop1: p2 < > p3 p4
[  290.679765][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  290.688714][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  290.694899][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:34 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6c}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000006340)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000040)="c03e1abd", 0x33fe0}], 0x1}}], 0x1, 0x0)

00:24:34 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
keyctl$clear(0x7, r1)

[  290.725378][ T1033]  loop2: p2 < > p3 p4
[  290.735030][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  290.748197][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  290.754415][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:34 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/anycast6\x00')
lseek(r0, 0x5, 0x0)

00:24:34 executing program 2:
set_mempolicy(0x3, &(0x7f00000000c0)=0x9, 0x27)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

00:24:34 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x2)

00:24:34 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
keyctl$clear(0x7, r1)

[  290.828436][ T1033]  loop1: p2 < > p3 p4
[  290.832850][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  290.849498][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  290.855675][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:34 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setattr(0x0, 0x0, 0x0)
clone3(&(0x7f0000000340)={0x40000000, 0x0, &(0x7f00000000c0), &(0x7f0000000100), {0x8}, 0x0, 0x0, &(0x7f0000000240)=""/19, 0x0}, 0x58)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:24:34 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x2)

00:24:34 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
keyctl$clear(0x7, r1)

00:24:34 executing program 4:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r0, 0x5607, 0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0)

00:24:34 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/anycast6\x00')
lseek(r0, 0x5, 0x0)

[  290.945655][ T1033]  loop1: p2 < > p3 p4
[  290.950036][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  290.971639][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  290.977847][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:34 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/anycast6\x00')
lseek(r0, 0x5, 0x0)

00:24:34 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$revoke(0x3, r1)
keyctl$clear(0x7, r1)

00:24:34 executing program 5:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x2)

[  291.028639][ T1033]  loop2: p2 < > p3 p4
[  291.037259][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  291.046888][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  291.053076][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:34 executing program 0:
unshare(0x68000400)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGABS0(r0, 0x40044590, 0x0)

[  291.097846][ T1033]  loop2: p2 < > p3 p4
[  291.102398][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  291.109479][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  291.115646][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:34 executing program 2:
set_mempolicy(0x3, &(0x7f00000000c0)=0x9, 0x27)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

00:24:34 executing program 3:
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}, {&(0x7f0000010800)="53595a4b414c4c45522020080000eb80325132510000eb80325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c453020202020202010", 0x4c, 0x12000}], 0x0, &(0x7f00000002c0)=ANY=[])
unlinkat(r0, &(0x7f0000000040)='./file0\x00', 0x0)

00:24:34 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))

[  291.151975][ T1033]  loop1: p2 < > p3 p4
[  291.166695][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
00:24:34 executing program 3:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SET(r0, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000005bc0)={0x10, 0x3e9, 0x0, 0x0, 0x0, {0x10, 0x3f6, 0x0, 0xffffffffffffffff}}, 0x38}}, 0x0)

00:24:34 executing program 5:
pipe2(0xfffffffffffffffc, 0x0)

00:24:34 executing program 0:
unshare(0x68000400)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGABS0(r0, 0x40044590, 0x0)

[  291.196201][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  291.202534][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  291.240635][ T1033]  loop2: p2 < > p3 p4
[  291.244853][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  291.252347][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  291.258578][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  291.276267][ T1033]  loop1: p2 < > p3 p4
[  291.281057][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  291.300952][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  291.307170][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  291.317474][   T25] audit: type=1326 audit(1622420674.758:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23197 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  291.376163][ T1033]  loop1: p2 < > p3 p4
[  291.380580][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  291.383385][   T25] audit: type=1326 audit(1622420674.778:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23197 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=126 compat=0 ip=0x4665d9 code=0x7ffc0000
[  291.387758][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  291.411928][   T25] audit: type=1326 audit(1622420674.778:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23197 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  291.417103][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  291.428402][ T1033]  loop5: p2 < > p3 p4
[  291.448527][   T25] audit: type=1326 audit(1622420674.778:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23197 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=157 compat=0 ip=0x4665d9 code=0x7ffc0000
[  291.452809][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  291.477226][   T25] audit: type=1326 audit(1622420674.778:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23197 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  291.483674][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  291.513164][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  291.529182][ T1033]  loop1: p2 < > p3 p4
[  291.533298][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  291.540214][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  291.546374][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  291.561999][ T1033]  loop1: p2 < > p3 p4
[  291.566212][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  291.572934][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  291.579356][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  291.602064][ T1033]  loop5: p2 < > p3 p4
[  291.606245][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  291.617091][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  291.623259][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  291.639207][ T1033]  loop1: p2 < > p3 p4
[  291.643470][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  291.650497][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  291.656703][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  291.672902][ T1033]  loop2: p2 < > p3 p4
[  291.677077][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  291.683671][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  291.689871][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  291.705196][ T1033]  loop5: p2 < > p3 p4
[  291.709396][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  291.715997][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  291.722223][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  291.737288][ T1033]  loop1: p2 < > p3 p4
[  291.741596][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  291.748832][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  291.755122][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  291.771403][ T1033]  loop1: p2 < > p3 p4
[  291.775665][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  291.782704][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  291.789010][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  291.803952][ T1033]  loop5: p2 < > p3 p4
[  291.808085][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  291.814701][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  291.820879][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:35 executing program 4:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r0, 0x5607, 0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0)

00:24:35 executing program 2:
set_mempolicy(0x3, &(0x7f00000000c0)=0x9, 0x27)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

00:24:35 executing program 0:
unshare(0x68000400)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGABS0(r0, 0x40044590, 0x0)

00:24:35 executing program 3:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SET(r0, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000005bc0)={0x10, 0x3e9, 0x0, 0x0, 0x0, {0x10, 0x3f6, 0x0, 0xffffffffffffffff}}, 0x38}}, 0x0)

00:24:35 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))

00:24:35 executing program 5:
pipe2(0xfffffffffffffffc, 0x0)

[  291.840768][ T1033]  loop2: p2 < > p3 p4
[  291.844979][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  291.852054][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  291.858276][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:35 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))

[  291.891169][   T25] audit: type=1326 audit(1622420675.328:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23273 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
00:24:35 executing program 5:
pipe2(0xfffffffffffffffc, 0x0)

00:24:35 executing program 3:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SET(r0, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000005bc0)={0x10, 0x3e9, 0x0, 0x0, 0x0, {0x10, 0x3f6, 0x0, 0xffffffffffffffff}}, 0x38}}, 0x0)

00:24:35 executing program 0:
unshare(0x68000400)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGABS0(r0, 0x40044590, 0x0)

[  291.941378][   T25] audit: type=1326 audit(1622420675.328:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23273 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=126 compat=0 ip=0x4665d9 code=0x7ffc0000
[  291.970429][ T1033]  loop2: p2 < > p3 p4
[  291.974715][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
00:24:35 executing program 5:
pipe2(0xfffffffffffffffc, 0x0)

00:24:35 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))

00:24:35 executing program 4:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r0, 0x5607, 0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0)

[  291.998911][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  292.005104][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  292.009072][   T25] audit: type=1326 audit(1622420675.328:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23273 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  292.056845][   T25] audit: type=1326 audit(1622420675.428:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23286 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
00:24:35 executing program 3:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SET(r0, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000005bc0)={0x10, 0x3e9, 0x0, 0x0, 0x0, {0x10, 0x3f6, 0x0, 0xffffffffffffffff}}, 0x38}}, 0x0)

00:24:35 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x8d, &(0x7f00000003c0)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff0000000000000000a01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255344e22045dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f47069863009780dd6e673a02f7ed8"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:24:35 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000001d80)={&(0x7f00000006c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000740)=""/171, 0xfffffffffffffe7b}, {&(0x7f0000000800)=""/68, 0x44}, {0x0}, {&(0x7f00000008c0)=""/41, 0x29}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6a7a28dc7e57db6c, &(0x7f0000001cc0)=""/182, 0xb6}, 0x0)

[  292.104574][   T25] audit: type=1326 audit(1622420675.428:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23286 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  292.131737][ T1033]  loop5: p2 < > p3 p4
[  292.145817][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:24:35 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x8d, &(0x7f00000003c0)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff0000000000000000a01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255344e22045dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f47069863009780dd6e673a02f7ed8"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:24:35 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000240), r1)
sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x9, 0x1, '@:)[\x00'}]}, 0x20}}, 0x0)

00:24:35 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000001d80)={&(0x7f00000006c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000740)=""/171, 0xfffffffffffffe7b}, {&(0x7f0000000800)=""/68, 0x44}, {0x0}, {&(0x7f00000008c0)=""/41, 0x29}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6a7a28dc7e57db6c, &(0x7f0000001cc0)=""/182, 0xb6}, 0x0)

00:24:35 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6d, &(0x7f00000002c0)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255344e22045dffbcd48a70502173d6efa56b60f48cf0c9"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)="224127fb959f252bb2ca56d7e29cff02195ff26d061bb4eafdded2e86f8046dd44afcbffdc6782000000")
r2 = gettid()
tkill(r2, 0x34)

00:24:35 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000140)=0x1, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000001c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
poll(&(0x7f0000000040)=[{r1}], 0x1, 0x100)
dup2(r0, r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)

[  292.178549][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  292.184737][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:35 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x8d, &(0x7f00000003c0)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff0000000000000000a01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255344e22045dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f47069863009780dd6e673a02f7ed8"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:24:35 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000001d80)={&(0x7f00000006c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000740)=""/171, 0xfffffffffffffe7b}, {&(0x7f0000000800)=""/68, 0x44}, {0x0}, {&(0x7f00000008c0)=""/41, 0x29}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6a7a28dc7e57db6c, &(0x7f0000001cc0)=""/182, 0xb6}, 0x0)

00:24:35 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6d, &(0x7f00000002c0)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255344e22045dffbcd48a70502173d6efa56b60f48cf0c9"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)="224127fb959f252bb2ca56d7e29cff02195ff26d061bb4eafdded2e86f8046dd44afcbffdc6782000000")
r2 = gettid()
tkill(r2, 0x34)

00:24:35 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x8d, &(0x7f00000003c0)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff0000000000000000a01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255344e22045dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f47069863009780dd6e673a02f7ed8"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:24:35 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000240), r1)
sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x9, 0x1, '@:)[\x00'}]}, 0x20}}, 0x0)

00:24:35 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x3c, &(0x7f0000000000), 0x4)

00:24:35 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000001d80)={&(0x7f00000006c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000740)=""/171, 0xfffffffffffffe7b}, {&(0x7f0000000800)=""/68, 0x44}, {0x0}, {&(0x7f00000008c0)=""/41, 0x29}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6a7a28dc7e57db6c, &(0x7f0000001cc0)=""/182, 0xb6}, 0x0)

[  292.275806][ T1033]  loop1: p2 < > p3 p4
[  292.282721][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  292.290718][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  292.296949][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:35 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6d, &(0x7f00000002c0)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255344e22045dffbcd48a70502173d6efa56b60f48cf0c9"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)="224127fb959f252bb2ca56d7e29cff02195ff26d061bb4eafdded2e86f8046dd44afcbffdc6782000000")
r2 = gettid()
tkill(r2, 0x34)

00:24:35 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000240), r1)
sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x9, 0x1, '@:)[\x00'}]}, 0x20}}, 0x0)

00:24:35 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x8080, &(0x7f0000000100)={0x2, 0x4e24, 0x0, @empty}, 0x1c)
sendto$inet6(r0, 0x0, 0x2, 0x10, 0x0, 0x0)

00:24:35 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x3c, &(0x7f0000000000), 0x4)

[  292.346861][ T1033]  loop5: p2 < > p3 p4
[  292.354360][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  292.379673][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  292.385948][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  292.470323][ T1033]  loop2: p2 < > p3 p4
[  292.474740][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  292.481699][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  292.488006][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  292.507787][ T1033]  loop2: p2 < > p3 p4
[  292.512009][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  292.518657][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  292.524863][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  292.547854][ T1033]  loop1: p2 < > p3 p4
[  292.552075][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  292.559324][ T1033] loop1: p3 start 225 is beyond EOD, truncated
00:24:36 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000140)=0x1, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000001c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
poll(&(0x7f0000000040)=[{r1}], 0x1, 0x100)
dup2(r0, r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)

00:24:36 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x2, 0x1}, 0x20)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private2}, 0x20)

00:24:36 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6d, &(0x7f00000002c0)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255344e22045dffbcd48a70502173d6efa56b60f48cf0c9"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)="224127fb959f252bb2ca56d7e29cff02195ff26d061bb4eafdded2e86f8046dd44afcbffdc6782000000")
r2 = gettid()
tkill(r2, 0x34)

00:24:36 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000240), r1)
sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x20, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x9, 0x1, '@:)[\x00'}]}, 0x20}}, 0x0)

00:24:36 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x3c, &(0x7f0000000000), 0x4)

00:24:36 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x0)

[  292.565476][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  292.581791][ T1033]  loop5: p2 < > p3 p4
[  292.586089][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  292.593242][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  292.599459][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:36 executing program 5:
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)

00:24:36 executing program 1:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000140)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f45958dc387cf4c2e1fea4b7a3dfc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d6", 0x53}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="4dc3", 0x2}], 0x1}, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:24:36 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x0)

[  292.652682][ T1033]  loop2: p2 < > p3 p4
[  292.667278][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
00:24:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x0, 0x1f7, 0x0, 0x0, 0x0, "d435e2e6597a90470cbeb8ae973609c8d58801"})
r1 = dup2(r0, r0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, "0000ba00"})
r2 = syz_open_pts(r1, 0x1)
r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fcntl$setstatus(r2, 0x4, 0x102800)
write(r2, &(0x7f0000000000)="d5", 0xfffffdc9)

00:24:36 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x3c, &(0x7f0000000000), 0x4)

00:24:36 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x2, 0x1}, 0x20)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private2}, 0x20)

[  292.696827][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  292.703020][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  292.756895][ T1033]  loop5: p2 < > p3 p4
[  292.771023][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  292.778429][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  292.784827][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  292.823341][ T1033]  loop2: p2 < > p3 p4
[  292.827808][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  292.834718][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  292.840925][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  292.859329][ T1033]  loop2: p2 < > p3 p4
[  292.863705][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  292.870980][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  292.877232][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  292.893228][ T1033]  loop5: p2 < > p3 p4
[  292.897570][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  292.904297][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  292.910463][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:36 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000140)=0x1, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000001c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
poll(&(0x7f0000000040)=[{r1}], 0x1, 0x100)
dup2(r0, r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)

00:24:36 executing program 1:
set_mempolicy(0x2, &(0x7f0000000040)=0x1, 0x101)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$lock(r0, 0x24, &(0x7f0000000240)={0x0, 0x1})

00:24:36 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x2, 0x1}, 0x20)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private2}, 0x20)

00:24:36 executing program 4:
set_mempolicy(0x4002, &(0x7f0000000000)=0x1, 0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000740)={0x2, &(0x7f0000000700)=[{0x60}, {0x6}]})

00:24:36 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x0)

00:24:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x0, 0x1f7, 0x0, 0x0, 0x0, "d435e2e6597a90470cbeb8ae973609c8d58801"})
r1 = dup2(r0, r0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, "0000ba00"})
r2 = syz_open_pts(r1, 0x1)
r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fcntl$setstatus(r2, 0x4, 0x102800)
write(r2, &(0x7f0000000000)="d5", 0xfffffdc9)

00:24:36 executing program 4:
set_mempolicy(0x4002, &(0x7f0000000000)=0x1, 0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000740)={0x2, &(0x7f0000000700)=[{0x60}, {0x6}]})

[  292.935111][ T1033]  loop5: p2 < > p3 p4
[  292.939321][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  292.953209][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  292.959406][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:36 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x2, 0x1}, 0x20)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private2}, 0x20)

00:24:36 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x0)

00:24:36 executing program 1:
set_mempolicy(0x2, &(0x7f0000000040)=0x1, 0x101)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$lock(r0, 0x24, &(0x7f0000000240)={0x0, 0x1})

00:24:36 executing program 4:
set_mempolicy(0x4002, &(0x7f0000000000)=0x1, 0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000740)={0x2, &(0x7f0000000700)=[{0x60}, {0x6}]})

00:24:36 executing program 1:
set_mempolicy(0x2, &(0x7f0000000040)=0x1, 0x101)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$lock(r0, 0x24, &(0x7f0000000240)={0x0, 0x1})

[  293.066312][ T1033]  loop2: p2 < > p3 p4
[  293.084051][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  293.095125][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  293.101311][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  293.137335][ T1033]  loop5: p2 < > p3 p4
[  293.148931][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  293.157751][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  293.163930][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  293.200534][ T1033]  loop5: p2 < > p3 p4
[  293.204827][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  293.212000][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  293.218179][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  293.235463][ T1033]  loop5: p2 < > p3 p4
[  293.239786][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
00:24:36 executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000140)=0x1, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000001c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
poll(&(0x7f0000000040)=[{r1}], 0x1, 0x100)
dup2(r0, r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)

00:24:36 executing program 2:
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f00000001c0)='./file0\x00', 0xffc00807, 0x2, &(0x7f0000000040)=[{&(0x7f0000000000)="040800090000ff01e66174000404090a0200027400f8", 0x16}, {&(0x7f00000004c0)="dbed7d4cac17", 0x6, 0x1f}], 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='debug'])

00:24:36 executing program 4:
set_mempolicy(0x4002, &(0x7f0000000000)=0x1, 0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000740)={0x2, &(0x7f0000000700)=[{0x60}, {0x6}]})

00:24:36 executing program 0:
r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$link(0x8, r0, 0xfffffffffffffffb)

00:24:36 executing program 1:
set_mempolicy(0x2, &(0x7f0000000040)=0x1, 0x101)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$lock(r0, 0x24, &(0x7f0000000240)={0x0, 0x1})

00:24:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x0, 0x1f7, 0x0, 0x0, 0x0, "d435e2e6597a90470cbeb8ae973609c8d58801"})
r1 = dup2(r0, r0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, "0000ba00"})
r2 = syz_open_pts(r1, 0x1)
r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fcntl$setstatus(r2, 0x4, 0x102800)
write(r2, &(0x7f0000000000)="d5", 0xfffffdc9)

[  293.246950][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  293.253244][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:36 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x30, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x30}}, 0x0)

00:24:36 executing program 1:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4)
r1 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)

00:24:36 executing program 0:
setgroups(0x59, 0xfffffffffffffffe)

00:24:36 executing program 2:
creat(&(0x7f0000000140)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x2, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$9p_tcp(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000]00000000,fscontext=sysadm_u,roo,context'])

[  293.323356][ T1033]  loop1: p2 < > p3 p4
[  293.334334][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  293.357122][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  293.363414][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:36 executing program 0:
setgroups(0x59, 0xfffffffffffffffe)

00:24:36 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x30, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x30}}, 0x0)

[  293.430180][T23557] 9pnet: p9_fd_create_tcp (23557): problem connecting socket to 127.0.0.1
[  293.443517][ T1033]  loop1: p2 < > p3 p4
[  293.456697][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  293.463331][T23560] 9pnet: p9_fd_create_tcp (23560): problem connecting socket to 127.0.0.1
[  293.493940][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  293.500167][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  293.542169][ T1033]  loop1: p2 < > p3 p4
[  293.546650][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  293.553402][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  293.559687][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  293.575401][ T1033]  loop5: p2 < > p3 p4
[  293.579527][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  293.586171][ T1033] loop5: p3 start 225 is beyond EOD, truncated
00:24:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x0, 0x1f7, 0x0, 0x0, 0x0, "d435e2e6597a90470cbeb8ae973609c8d58801"})
r1 = dup2(r0, r0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, "0000ba00"})
r2 = syz_open_pts(r1, 0x1)
r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
fcntl$setstatus(r2, 0x4, 0x102800)
write(r2, &(0x7f0000000000)="d5", 0xfffffdc9)

00:24:37 executing program 2:
creat(&(0x7f0000000140)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x2, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$9p_tcp(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000]00000000,fscontext=sysadm_u,roo,context'])

00:24:37 executing program 0:
setgroups(0x59, 0xfffffffffffffffe)

00:24:37 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x30, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x30}}, 0x0)

00:24:37 executing program 1:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4)
r1 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)

00:24:37 executing program 3:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/keycreate\x00', 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2})

[  293.592351][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  293.628410][ T1033]  loop2: p2 < > p3 p4
00:24:37 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x30, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x30}}, 0x0)

00:24:37 executing program 2:
creat(&(0x7f0000000140)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x2, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$9p_tcp(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000]00000000,fscontext=sysadm_u,roo,context'])

00:24:37 executing program 3:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/keycreate\x00', 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2})

[  293.650719][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  293.677243][T23598] 9pnet: p9_fd_create_tcp (23598): problem connecting socket to 127.0.0.1
[  293.678758][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  293.692034][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:37 executing program 0:
setgroups(0x59, 0xfffffffffffffffe)

00:24:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r1, &(0x7f0000001480)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @local}, 0x1c, &(0x7f0000000680)=[{0x0}, {&(0x7f0000000200)="25a0c1d00c14f3bdbddb36e87452dcb8b10d9796d62b7fcfab6f27bf7026701c86ccc3d43a592eb10b", 0x29}, {&(0x7f0000000240)="945470eba604b6d9ad9c681a1700445a9152d0f0b3344ac2e0ee4907d7c2881bf8f9242dc1a513225c10716acfdcefde1027fd1ddf38414792546de6b385679359bea69ffd61fb38885e825cf36aef6f03fede02a5cb587f07db593b6df97ec251189a8552ed7bb75dd2424936f4f1c8a54d994c564f09f95b67098571b2ae25b1ec497760da135bb468e9d71ff95600c155a24b35adba5a61986f946d9c2e6d0f77dbce4231d798ad8226398ba9377cc33806f08c7620165a85e587", 0xbc}, {&(0x7f0000000500)="13548da494d29da1ac55ea8022756cfa9cd0c49afa1b7de77a32330e4e25a6acfff0308be7325a30823fb783e9f5155b651189edb6bdc1dc76c9612304153fc930", 0x41}], 0x4, &(0x7f0000000700)=[@hoplimit_2292={{0x14}}], 0x18}}], 0x1, 0x0)

00:24:37 executing program 1:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4)
r1 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)

00:24:37 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0xa081, 0x0)

00:24:37 executing program 3:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/keycreate\x00', 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2})

00:24:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r1, &(0x7f0000001480)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @local}, 0x1c, &(0x7f0000000680)=[{0x0}, {&(0x7f0000000200)="25a0c1d00c14f3bdbddb36e87452dcb8b10d9796d62b7fcfab6f27bf7026701c86ccc3d43a592eb10b", 0x29}, {&(0x7f0000000240)="945470eba604b6d9ad9c681a1700445a9152d0f0b3344ac2e0ee4907d7c2881bf8f9242dc1a513225c10716acfdcefde1027fd1ddf38414792546de6b385679359bea69ffd61fb38885e825cf36aef6f03fede02a5cb587f07db593b6df97ec251189a8552ed7bb75dd2424936f4f1c8a54d994c564f09f95b67098571b2ae25b1ec497760da135bb468e9d71ff95600c155a24b35adba5a61986f946d9c2e6d0f77dbce4231d798ad8226398ba9377cc33806f08c7620165a85e587", 0xbc}, {&(0x7f0000000500)="13548da494d29da1ac55ea8022756cfa9cd0c49afa1b7de77a32330e4e25a6acfff0308be7325a30823fb783e9f5155b651189edb6bdc1dc76c9612304153fc930", 0x41}], 0x4, &(0x7f0000000700)=[@hoplimit_2292={{0x14}}], 0x18}}], 0x1, 0x0)

00:24:37 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800009, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendfile(0xffffffffffffffff, r0, &(0x7f0000001480), 0x0)

00:24:37 executing program 2:
creat(&(0x7f0000000140)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x2, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$9p_tcp(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000]00000000,fscontext=sysadm_u,roo,context'])

[  293.822821][T23616] 9pnet: p9_fd_create_tcp (23616): problem connecting socket to 127.0.0.1
[  293.832965][ T1033]  loop2: p2 < > p3 p4
[  293.850172][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
00:24:37 executing program 1:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4)
r1 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)

00:24:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r1, &(0x7f0000001480)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @local}, 0x1c, &(0x7f0000000680)=[{0x0}, {&(0x7f0000000200)="25a0c1d00c14f3bdbddb36e87452dcb8b10d9796d62b7fcfab6f27bf7026701c86ccc3d43a592eb10b", 0x29}, {&(0x7f0000000240)="945470eba604b6d9ad9c681a1700445a9152d0f0b3344ac2e0ee4907d7c2881bf8f9242dc1a513225c10716acfdcefde1027fd1ddf38414792546de6b385679359bea69ffd61fb38885e825cf36aef6f03fede02a5cb587f07db593b6df97ec251189a8552ed7bb75dd2424936f4f1c8a54d994c564f09f95b67098571b2ae25b1ec497760da135bb468e9d71ff95600c155a24b35adba5a61986f946d9c2e6d0f77dbce4231d798ad8226398ba9377cc33806f08c7620165a85e587", 0xbc}, {&(0x7f0000000500)="13548da494d29da1ac55ea8022756cfa9cd0c49afa1b7de77a32330e4e25a6acfff0308be7325a30823fb783e9f5155b651189edb6bdc1dc76c9612304153fc930", 0x41}], 0x4, &(0x7f0000000700)=[@hoplimit_2292={{0x14}}], 0x18}}], 0x1, 0x0)

00:24:37 executing program 3:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/keycreate\x00', 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2})

[  293.869449][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  293.875617][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  294.006460][T23639] 9pnet: p9_fd_create_tcp (23639): problem connecting socket to 127.0.0.1
00:24:37 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800009, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendfile(0xffffffffffffffff, r0, &(0x7f0000001480), 0x0)

00:24:37 executing program 3:
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)

00:24:37 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/rt_cache\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000002c0)=ANY=[], 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
pread64(r0, &(0x7f0000000340)=""/191, 0x3e, 0x0)

00:24:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r1, &(0x7f0000001480)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @local}, 0x1c, &(0x7f0000000680)=[{0x0}, {&(0x7f0000000200)="25a0c1d00c14f3bdbddb36e87452dcb8b10d9796d62b7fcfab6f27bf7026701c86ccc3d43a592eb10b", 0x29}, {&(0x7f0000000240)="945470eba604b6d9ad9c681a1700445a9152d0f0b3344ac2e0ee4907d7c2881bf8f9242dc1a513225c10716acfdcefde1027fd1ddf38414792546de6b385679359bea69ffd61fb38885e825cf36aef6f03fede02a5cb587f07db593b6df97ec251189a8552ed7bb75dd2424936f4f1c8a54d994c564f09f95b67098571b2ae25b1ec497760da135bb468e9d71ff95600c155a24b35adba5a61986f946d9c2e6d0f77dbce4231d798ad8226398ba9377cc33806f08c7620165a85e587", 0xbc}, {&(0x7f0000000500)="13548da494d29da1ac55ea8022756cfa9cd0c49afa1b7de77a32330e4e25a6acfff0308be7325a30823fb783e9f5155b651189edb6bdc1dc76c9612304153fc930", 0x41}], 0x4, &(0x7f0000000700)=[@hoplimit_2292={{0x14}}], 0x18}}], 0x1, 0x0)

[  294.132019][ T1033]  loop2: p2 < > p3 p4
[  294.138913][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  294.165139][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  294.171347][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  294.228676][ T1033]  loop2: p2 < > p3 p4
[  294.232965][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  294.240008][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  294.246179][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  294.274663][ T1033]  loop5: p2 < > p3 p4
[  294.279065][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  294.285604][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  294.291818][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  294.334947][ T1033]  loop5: p2 < > p3 p4
[  294.339258][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  294.346104][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  294.352376][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  294.379398][ T1033]  loop5: p2 < > p3 p4
[  294.383512][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  294.390170][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  294.396447][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  294.416217][ T1033]  loop1: p2 < > p3 p4
[  294.420456][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  294.427311][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  294.433505][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  294.449187][ T1033]  loop5: p2 < > p3 p4
[  294.453341][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  294.460060][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  294.466314][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  294.508239][ T1033]  loop1: p2 < > p3 p4
[  294.512472][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  294.519512][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  294.525680][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:38 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0xa081, 0x0)

00:24:38 executing program 1:
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="12999b10c6001f514cb55d"], 0xe8}}, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102389, 0x18ff5}], 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0x3c, &(0x7f0000000040))

00:24:38 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800009, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendfile(0xffffffffffffffff, r0, &(0x7f0000001480), 0x0)

00:24:38 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4b, &(0x7f0000000200)="c4c691017bd59601fbe67ef888feaf096d016a14c5a862a579937a4391f2b98670484d701b29eaec752b018db212e01c15bc26a21c10dd0afa02c06c25bc63285a6e36b68cfd160d816229"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1e681e6e61197c7582265beb6311c2daf20eaebeeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:38 executing program 3:
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)

00:24:38 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/rt_cache\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000002c0)=ANY=[], 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
pread64(r0, &(0x7f0000000340)=""/191, 0x3e, 0x0)

00:24:38 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4b, &(0x7f0000000200)="c4c691017bd59601fbe67ef888feaf096d016a14c5a862a579937a4391f2b98670484d701b29eaec752b018db212e01c15bc26a21c10dd0afa02c06c25bc63285a6e36b68cfd160d816229"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1e681e6e61197c7582265beb6311c2daf20eaebeeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:38 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800009, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendfile(0xffffffffffffffff, r0, &(0x7f0000001480), 0x0)

00:24:38 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4b, &(0x7f0000000200)="c4c691017bd59601fbe67ef888feaf096d016a14c5a862a579937a4391f2b98670484d701b29eaec752b018db212e01c15bc26a21c10dd0afa02c06c25bc63285a6e36b68cfd160d816229"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1e681e6e61197c7582265beb6311c2daf20eaebeeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:38 executing program 3:
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)

[  295.264597][ T1033]  loop5: p2 < > p3 p4
[  295.273389][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  295.302744][ T1033] loop5: p3 start 225 is beyond EOD, truncated
00:24:38 executing program 1:
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="12999b10c6001f514cb55d"], 0xe8}}, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102389, 0x18ff5}], 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0x3c, &(0x7f0000000040))

00:24:38 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/rt_cache\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000002c0)=ANY=[], 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
pread64(r0, &(0x7f0000000340)=""/191, 0x3e, 0x0)

[  295.308961][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  295.420176][ T1033]  loop5: p2 < > p3 p4
[  295.428779][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  295.438182][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  295.444389][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  295.469714][ T1033]  loop1: p2 < > p3 p4
[  295.473837][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  295.480593][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  295.486900][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  295.504051][ T1033]  loop2: p2 < > p3 p4
[  295.508343][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  295.514939][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  295.521126][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:39 executing program 3:
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0)

00:24:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x102440, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
fcntl$getflags(r1, 0x401)

00:24:39 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0xa081, 0x0)

00:24:39 executing program 1:
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="12999b10c6001f514cb55d"], 0xe8}}, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102389, 0x18ff5}], 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0x3c, &(0x7f0000000040))

00:24:39 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4b, &(0x7f0000000200)="c4c691017bd59601fbe67ef888feaf096d016a14c5a862a579937a4391f2b98670484d701b29eaec752b018db212e01c15bc26a21c10dd0afa02c06c25bc63285a6e36b68cfd160d816229"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1e681e6e61197c7582265beb6311c2daf20eaebeeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:39 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/rt_cache\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000002c0)=ANY=[], 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
pread64(r0, &(0x7f0000000340)=""/191, 0x3e, 0x0)

00:24:39 executing program 1:
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="12999b10c6001f514cb55d"], 0xe8}}, 0x0)
clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102389, 0x18ff5}], 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x40)
wait4(0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
rt_sigqueueinfo(r1, 0x3c, &(0x7f0000000040))

00:24:39 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0xe, 0x5ee}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

00:24:39 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@empty}, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x33}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'digest_null\x00'}, 0x2}}]}, 0x138}}, 0x0)

00:24:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x102440, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
fcntl$getflags(r1, 0x401)

[  295.895825][ T1033]  loop1: p2 < > p3 p4
[  295.900266][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
00:24:39 executing program 2:
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x0)
read(r1, &(0x7f0000000500)=""/259, 0x103)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x1})
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0105303, &(0x7f0000000140)={{0x7}})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, 0x0)
tkill(r0, 0x7)

[  296.076953][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  296.083284][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:39 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@empty}, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x33}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'digest_null\x00'}, 0x2}}]}, 0x138}}, 0x0)

00:24:39 executing program 1:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x46, &(0x7f0000000000), 0x4)

00:24:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000200)={0x7fff, 0x0, 0x0, 0xfffffffd, 0x0, "68f8c323182bdaa6f789158de59cda9b7836a8"})
r1 = dup2(r0, r0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "79db969644824a44de994056b8aace38896ac6"})

[  296.178391][ T1033]  loop5: p2 < > p3 p4
[  296.183575][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  296.204492][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  296.210819][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  296.242258][ T1033]  loop2: p2 < > p3 p4
[  296.246429][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  296.253122][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  296.259493][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  296.285035][ T1033]  loop1: p2 < > p3 p4
[  296.289200][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  296.295938][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  296.302113][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  296.317939][ T1033]  loop5: p2 < > p3 p4
[  296.322186][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  296.328919][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  296.335062][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  296.355976][ T1033]  loop1: p2 < > p3 p4
[  296.360540][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  296.367626][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  296.373805][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  296.399616][ T1033]  loop5: p2 < > p3 p4
[  296.403719][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  296.410575][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  296.416791][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  296.446434][ T1033]  loop2: p2 < > p3 p4
[  296.450610][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  296.457586][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  296.463755][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:40 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0)
sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0xa081, 0x0)

00:24:40 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x102440, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
fcntl$getflags(r1, 0x401)

00:24:40 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@empty}, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x33}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'digest_null\x00'}, 0x2}}]}, 0x138}}, 0x0)

00:24:40 executing program 1:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x46, &(0x7f0000000000), 0x4)

00:24:40 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000200)={0x7fff, 0x0, 0x0, 0xfffffffd, 0x0, "68f8c323182bdaa6f789158de59cda9b7836a8"})
r1 = dup2(r0, r0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "79db969644824a44de994056b8aace38896ac6"})

00:24:40 executing program 2:
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x0)
read(r1, &(0x7f0000000500)=""/259, 0x103)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x1})
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0105303, &(0x7f0000000140)={{0x7}})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, 0x0)
tkill(r0, 0x7)

00:24:40 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x102440, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
fcntl$getflags(r1, 0x401)

00:24:40 executing program 1:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x46, &(0x7f0000000000), 0x4)

00:24:40 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@empty}, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x33}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'digest_null\x00'}, 0x2}}]}, 0x138}}, 0x0)

[  296.784064][ T1033]  loop1: p2 < > p3 p4
00:24:40 executing program 1:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x46, &(0x7f0000000000), 0x4)

00:24:40 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000200)={0x7fff, 0x0, 0x0, 0xfffffffd, 0x0, "68f8c323182bdaa6f789158de59cda9b7836a8"})
r1 = dup2(r0, r0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "79db969644824a44de994056b8aace38896ac6"})

00:24:40 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000200)={0x7fff, 0x0, 0x0, 0xfffffffd, 0x0, "68f8c323182bdaa6f789158de59cda9b7836a8"})
r1 = dup2(r0, r0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "79db969644824a44de994056b8aace38896ac6"})

[  296.804840][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  296.814686][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  296.820916][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  297.072708][ T1033]  loop5: p2 < > p3 p4
[  297.077015][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  297.083800][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  297.090009][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  297.135753][ T1033]  loop2: p2 < > p3 p4
[  297.140064][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  297.146874][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  297.153340][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  297.170869][ T1033]  loop5: p2 < > p3 p4
[  297.175112][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  297.182237][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  297.188410][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
00:24:41 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='loginuid\x00')
write$char_raw(r0, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x200)

00:24:41 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000200)={0x7fff, 0x0, 0x0, 0xfffffffd, 0x0, "68f8c323182bdaa6f789158de59cda9b7836a8"})
r1 = dup2(r0, r0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "79db969644824a44de994056b8aace38896ac6"})

00:24:41 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000200)={0x7fff, 0x0, 0x0, 0xfffffffd, 0x0, "68f8c323182bdaa6f789158de59cda9b7836a8"})
r1 = dup2(r0, r0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "79db969644824a44de994056b8aace38896ac6"})

00:24:41 executing program 2:
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x0)
read(r1, &(0x7f0000000500)=""/259, 0x103)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x1})
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0105303, &(0x7f0000000140)={{0x7}})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, 0x0)
tkill(r0, 0x7)

00:24:41 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mincore(&(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f0000001cc0)=""/234)

00:24:41 executing program 1:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0)
readv(r3, &(0x7f0000000500)=[{&(0x7f0000000400)=""/98, 0x62}], 0x1)
recvfrom$inet6(r3, &(0x7f0000000000)=""/47, 0x2f, 0x0, 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0)
preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
splice(r0, 0x0, r2, 0x0, 0x200000000e26a, 0x0)

00:24:41 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='loginuid\x00')
write$char_raw(r0, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x200)

00:24:41 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000200)={0x7fff, 0x0, 0x0, 0xfffffffd, 0x0, "68f8c323182bdaa6f789158de59cda9b7836a8"})
r1 = dup2(r0, r0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "79db969644824a44de994056b8aace38896ac6"})

00:24:41 executing program 5:
r0 = socket(0x2, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000040)=0xfffffffa, 0x4)

00:24:41 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mincore(&(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f0000001cc0)=""/234)

00:24:41 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='loginuid\x00')
write$char_raw(r0, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x200)

00:24:41 executing program 5:
r0 = socket(0x2, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000040)=0xfffffffa, 0x4)

00:24:41 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x141042, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)=ANY=[], 0xab)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)

[  297.699472][ T1033]  loop5: p2 < > p3 p4
[  297.714128][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  297.727722][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  297.733919][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  297.762032][T23990] netlink: 1288 bytes leftover after parsing attributes in process `syz-executor.1'.
[  297.796531][T23997] loop0: detected capacity change from 0 to 4096
[  297.822658][ T1033]  loop5: p2 < > p3 p4
[  297.828282][T23997] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  297.838680][ T1033] loop5: p2 size 2 extends beyond EOD, truncated
[  297.847948][ T1033] loop5: p3 start 225 is beyond EOD, truncated
[  297.854111][ T1033] loop5: p4 size 3657465856 extends beyond EOD, truncated
[  297.910541][ T1033]  loop2: p2 < > p3 p4
[  297.916400][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  297.923531][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  297.929753][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:41 executing program 1:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0)
readv(r3, &(0x7f0000000500)=[{&(0x7f0000000400)=""/98, 0x62}], 0x1)
recvfrom$inet6(r3, &(0x7f0000000000)=""/47, 0x2f, 0x0, 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0)
preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
splice(r0, 0x0, r2, 0x0, 0x200000000e26a, 0x0)

00:24:41 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mincore(&(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f0000001cc0)=""/234)

00:24:41 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='loginuid\x00')
write$char_raw(r0, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x200)

00:24:41 executing program 5:
r0 = socket(0x2, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000040)=0xfffffffa, 0x4)

00:24:41 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x141042, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)=ANY=[], 0xab)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)

00:24:41 executing program 2:
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x0)
read(r1, &(0x7f0000000500)=""/259, 0x103)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x1})
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0105303, &(0x7f0000000140)={{0x7}})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, 0x0)
tkill(r0, 0x7)

00:24:42 executing program 5:
r0 = socket(0x2, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000040)=0xfffffffa, 0x4)

00:24:42 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mincore(&(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f0000001cc0)=""/234)

[  298.531812][ T1033]  loop1: p2 < > p3 p4
[  298.536042][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  298.558798][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  298.565036][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  298.576655][T24044] loop0: detected capacity change from 0 to 4096
00:24:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x141042, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)=ANY=[], 0xab)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)

00:24:42 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r1)
r2 = msgget$private(0x0, 0x43a)
msgrcv(r2, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setuid(r4)
msgsnd(r2, &(0x7f0000000040)={0x1}, 0x8, 0x0)

00:24:42 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x141042, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)=ANY=[], 0xab)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)

[  298.615374][T24044] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
00:24:42 executing program 4:
fork()
syz_open_procfs(0x0, &(0x7f0000000140)='net/rt_cache\x00')
fork()

[  298.718227][T24079] netlink: 1288 bytes leftover after parsing attributes in process `syz-executor.1'.
[  298.739845][T24083] loop0: detected capacity change from 0 to 4096
[  298.758644][T24083] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  298.794796][ T1033]  loop2: p2 < > p3 p4
[  298.799223][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  298.805749][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  298.811916][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:42 executing program 1:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0)
readv(r3, &(0x7f0000000500)=[{&(0x7f0000000400)=""/98, 0x62}], 0x1)
recvfrom$inet6(r3, &(0x7f0000000000)=""/47, 0x2f, 0x0, 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0)
preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
splice(r0, 0x0, r2, 0x0, 0x200000000e26a, 0x0)

00:24:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x141042, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)=ANY=[], 0xab)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)

00:24:42 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r1)
r2 = msgget$private(0x0, 0x43a)
msgrcv(r2, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setuid(r4)
msgsnd(r2, &(0x7f0000000040)={0x1}, 0x8, 0x0)

00:24:42 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r1)
r2 = msgget$private(0x0, 0x43a)
msgrcv(r2, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setuid(r4)
msgsnd(r2, &(0x7f0000000040)={0x1}, 0x8, 0x0)

00:24:42 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
set_mempolicy(0x1, &(0x7f0000000040)=0x3, 0x2)
ioctl$KDGKBDIACR(r0, 0x4b48, &(0x7f00000012c0)=""/200)

00:24:42 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x141042, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)=ANY=[], 0xab)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)

00:24:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dbf4655fdbf4655f0100ffff53ef010001000000daf4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="00000000000000000000000082e36724c6f34caa846ed2e527703378010040", 0x1f, 0x4e0}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000010500)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000010000000daf4655fdbf4655fdbf4655f00000000000004008000000000000800050000000af301000400000000000000000000000900000010", 0x3d, 0x4400}], 0x0, &(0x7f00000000c0)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x141042, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)=ANY=[], 0xab)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)

[  299.485889][ T1033]  loop1: p2 < > p3 p4
[  299.490147][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  299.511865][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  299.518122][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  299.526486][T24113] loop0: detected capacity change from 0 to 4096
00:24:43 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
set_mempolicy(0x1, &(0x7f0000000040)=0x3, 0x2)
ioctl$KDGKBDIACR(r0, 0x4b48, &(0x7f00000012c0)=""/200)

[  299.566622][T24113] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  299.584645][ T1033]  loop2: p2 < > p3 p4
[  299.591774][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  299.598880][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  299.605045][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:43 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r1)
r2 = msgget$private(0x0, 0x43a)
msgrcv(r2, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setuid(r4)
msgsnd(r2, &(0x7f0000000040)={0x1}, 0x8, 0x0)

[  299.605231][T24137] netlink: 1288 bytes leftover after parsing attributes in process `syz-executor.1'.
00:24:43 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r1)
r2 = msgget$private(0x0, 0x43a)
msgrcv(r2, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setuid(r4)
msgsnd(r2, &(0x7f0000000040)={0x1}, 0x8, 0x0)

00:24:43 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
set_mempolicy(0x1, &(0x7f0000000040)=0x3, 0x2)
ioctl$KDGKBDIACR(r0, 0x4b48, &(0x7f00000012c0)=""/200)

00:24:43 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)={0x1, 0x0, 0xffffffb8, '\v'})

[  299.706366][ T1033]  loop2: p2 < > p3 p4
[  299.713381][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  299.720457][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  299.726654][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:43 executing program 1:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0)
readv(r3, &(0x7f0000000500)=[{&(0x7f0000000400)=""/98, 0x62}], 0x1)
recvfrom$inet6(r3, &(0x7f0000000000)=""/47, 0x2f, 0x0, 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
r4 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0)
preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
splice(r0, 0x0, r2, 0x0, 0x200000000e26a, 0x0)

00:24:43 executing program 3:
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x400a831, 0xffffffffffffffff, 0x8000000)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil)
remap_file_pages(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x0, 0x2, 0x0)

00:24:43 executing program 2:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
set_mempolicy(0x1, &(0x7f0000000040)=0x3, 0x2)
ioctl$KDGKBDIACR(r0, 0x4b48, &(0x7f00000012c0)=""/200)

00:24:43 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)={0x1, 0x0, 0xffffffb8, '\v'})

00:24:43 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r1)
r2 = msgget$private(0x0, 0x43a)
msgrcv(r2, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setuid(r4)
msgsnd(r2, &(0x7f0000000040)={0x1}, 0x8, 0x0)

00:24:43 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r1)
r2 = msgget$private(0x0, 0x43a)
msgrcv(r2, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setuid(r4)
msgsnd(r2, &(0x7f0000000040)={0x1}, 0x8, 0x0)

00:24:43 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)={0x1, 0x0, 0xffffffb8, '\v'})

00:24:43 executing program 2:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000140)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f", 0x2d}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)

00:24:43 executing program 3:
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x400a831, 0xffffffffffffffff, 0x8000000)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil)
remap_file_pages(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x0, 0x2, 0x0)

[  300.388086][ T1033]  loop1: p2 < > p3 p4
[  300.392241][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  300.416734][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  300.422918][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:43 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)={0x1, 0x0, 0xffffffb8, '\v'})

00:24:43 executing program 2:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000140)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f", 0x2d}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)

00:24:43 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0xa, 0x0, 0x0, 0xffffc0fe}, 0x18, &(0x7f0000000280)={0x0}}, 0x20008001)

[  300.470796][ T1033]  loop2: p2 < > p3 p4
[  300.475069][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  300.482446][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  300.488656][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  300.488825][T24208] netlink: 1288 bytes leftover after parsing attributes in process `syz-executor.1'.
[  300.575509][ T1033]  loop2: p2 < > p3 p4
[  300.579809][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  300.586401][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  300.592579][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:44 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0xa, 0x0, 0x0, 0xffffc0fe}, 0x18, &(0x7f0000000280)={0x0}}, 0x20008001)

00:24:44 executing program 5:
prlimit64(0x0, 0xdd17f775c061813d, 0x0, 0x0)

00:24:44 executing program 3:
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x400a831, 0xffffffffffffffff, 0x8000000)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil)
remap_file_pages(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x0, 0x2, 0x0)

00:24:44 executing program 0:
clock_gettime(0x9, &(0x7f0000000000))

00:24:44 executing program 1:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000180)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f45958dc387cf4c2e1fea4b7a3dfc8ea6a7b93bafe8bd792fd83ef5e2d13e5d8061127e1184f6737ae2160e9625437720dc30d551dc7a47017413b317d70f98aa1a38917ada589dc5f0e92e69b0ce25d7746ba7e7e030648284bc725be3271be5c726ca35238631e1280600f2b8823d97a7e76a1f31b980bf98f29e1b7c4bd313634c0ac4b4ef078f736b3442db", 0xba}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x1f, r0, 0x0, 0x1)

00:24:44 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0xa, 0x0, 0x0, 0xffffc0fe}, 0x18, &(0x7f0000000280)={0x0}}, 0x20008001)

00:24:44 executing program 0:
clock_gettime(0x9, &(0x7f0000000000))

00:24:44 executing program 3:
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x400a831, 0xffffffffffffffff, 0x8000000)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil)
remap_file_pages(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x0, 0x2, 0x0)

00:24:44 executing program 5:
prlimit64(0x0, 0xdd17f775c061813d, 0x0, 0x0)

[  301.259815][ T1033]  loop1: p2 < > p3 p4
[  301.263996][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  301.287478][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  301.293671][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:44 executing program 0:
clock_gettime(0x9, &(0x7f0000000000))

00:24:46 executing program 2:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000140)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f", 0x2d}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)

00:24:46 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0xa, 0x0, 0x0, 0xffffc0fe}, 0x18, &(0x7f0000000280)={0x0}}, 0x20008001)

00:24:46 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)=@ethtool_sset_info={0x27}})

00:24:46 executing program 5:
prlimit64(0x0, 0xdd17f775c061813d, 0x0, 0x0)

00:24:46 executing program 0:
clock_gettime(0x9, &(0x7f0000000000))

00:24:46 executing program 1:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000180)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f45958dc387cf4c2e1fea4b7a3dfc8ea6a7b93bafe8bd792fd83ef5e2d13e5d8061127e1184f6737ae2160e9625437720dc30d551dc7a47017413b317d70f98aa1a38917ada589dc5f0e92e69b0ce25d7746ba7e7e030648284bc725be3271be5c726ca35238631e1280600f2b8823d97a7e76a1f31b980bf98f29e1b7c4bd313634c0ac4b4ef078f736b3442db", 0xba}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x1f, r0, 0x0, 0x1)

00:24:47 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f00000050c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000002a00)=[@pktinfo={{0x24, 0x29, 0x3b, {@local}}}], 0x28}}], 0x2, 0x0)

00:24:47 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)=@ethtool_sset_info={0x27}})

00:24:47 executing program 5:
prlimit64(0x0, 0xdd17f775c061813d, 0x0, 0x0)

00:24:47 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x3e, 0x4, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet(r1, &(0x7f00000004c0)=[{{&(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000280)=[@ip_retopts={{0x14, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x5d}]}}}], 0x18}}], 0x1, 0x0)

[  303.551188][ T1033]  loop2: p2 < > p3 p4
[  303.564166][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  303.585758][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  303.591996][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:47 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f00000050c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000002a00)=[@pktinfo={{0x24, 0x29, 0x3b, {@local}}}], 0x28}}], 0x2, 0x0)

00:24:47 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)=@ethtool_sset_info={0x27}})

00:24:50 executing program 2:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000140)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f", 0x2d}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)

00:24:50 executing program 5:
r0 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setreuid(0x0, r1)
getresuid(&(0x7f0000000040), &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0))
setresuid(r3, 0x0, r1)

00:24:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x3e, 0x4, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet(r1, &(0x7f00000004c0)=[{{&(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000280)=[@ip_retopts={{0x14, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x5d}]}}}], 0x18}}], 0x1, 0x0)

00:24:50 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)=@ethtool_sset_info={0x27}})

00:24:50 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f00000050c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000002a00)=[@pktinfo={{0x24, 0x29, 0x3b, {@local}}}], 0x28}}], 0x2, 0x0)

00:24:50 executing program 1:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000180)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f45958dc387cf4c2e1fea4b7a3dfc8ea6a7b93bafe8bd792fd83ef5e2d13e5d8061127e1184f6737ae2160e9625437720dc30d551dc7a47017413b317d70f98aa1a38917ada589dc5f0e92e69b0ce25d7746ba7e7e030648284bc725be3271be5c726ca35238631e1280600f2b8823d97a7e76a1f31b980bf98f29e1b7c4bd313634c0ac4b4ef078f736b3442db", 0xba}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x1f, r0, 0x0, 0x1)

[  306.544624][ T1033]  loop1: p2 < > p3 p4
[  306.548831][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  306.555460][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  306.561636][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x3e, 0x4, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet(r1, &(0x7f00000004c0)=[{{&(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000280)=[@ip_retopts={{0x14, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x5d}]}}}], 0x18}}], 0x1, 0x0)

00:24:50 executing program 5:
r0 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setreuid(0x0, r1)
getresuid(&(0x7f0000000040), &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0))
setresuid(r3, 0x0, r1)

00:24:50 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f00000050c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000002a00)=[@pktinfo={{0x24, 0x29, 0x3b, {@local}}}], 0x28}}], 0x2, 0x0)

00:24:50 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x80000000000a01, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000240))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000200))
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, "f7435004b576e0601ca20fe3c0c338cafb6512"})
r2 = syz_open_pts(r1, 0x0)
readv(r2, &(0x7f00000001c0)=[{&(0x7f0000001940)=""/4076, 0xfec}], 0x1)
read(r2, &(0x7f0000000100)=""/19, 0x13)

00:24:50 executing program 5:
r0 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setreuid(0x0, r1)
getresuid(&(0x7f0000000040), &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0))
setresuid(r3, 0x0, r1)

[  306.615103][ T1033]  loop2: p2 < > p3 p4
[  306.619874][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  306.645256][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  306.651551][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x3e, 0x4, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet(r1, &(0x7f00000004c0)=[{{&(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000280)=[@ip_retopts={{0x14, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x5d}]}}}], 0x18}}], 0x1, 0x0)

00:24:53 executing program 1:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000180)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f45958dc387cf4c2e1fea4b7a3dfc8ea6a7b93bafe8bd792fd83ef5e2d13e5d8061127e1184f6737ae2160e9625437720dc30d551dc7a47017413b317d70f98aa1a38917ada589dc5f0e92e69b0ce25d7746ba7e7e030648284bc725be3271be5c726ca35238631e1280600f2b8823d97a7e76a1f31b980bf98f29e1b7c4bd313634c0ac4b4ef078f736b3442db", 0xba}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x34)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x1f, r0, 0x0, 0x1)

00:24:53 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x80000000000a01, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000240))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000200))
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, "f7435004b576e0601ca20fe3c0c338cafb6512"})
r2 = syz_open_pts(r1, 0x0)
readv(r2, &(0x7f00000001c0)=[{&(0x7f0000001940)=""/4076, 0xfec}], 0x1)
read(r2, &(0x7f0000000100)=""/19, 0x13)

00:24:53 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x80000000000a01, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000240))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000200))
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, "f7435004b576e0601ca20fe3c0c338cafb6512"})
r2 = syz_open_pts(r1, 0x0)
readv(r2, &(0x7f00000001c0)=[{&(0x7f0000001940)=""/4076, 0xfec}], 0x1)
read(r2, &(0x7f0000000100)=""/19, 0x13)

00:24:53 executing program 5:
r0 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setreuid(0x0, r1)
getresuid(&(0x7f0000000040), &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0))
setresuid(r3, 0x0, r1)

00:24:53 executing program 0:
r0 = syz_io_uring_setup(0x1152, &(0x7f00000003c0), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0xcbb1c5c5b8448d1e, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x0)
io_uring_enter(r0, 0x30d1, 0x0, 0x0, 0x0, 0x0)

00:24:53 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x8914, &(0x7f0000000280)={'sit0\x00', 0x0})

[  309.594398][ T1033]  loop1: p2 < > p3 p4
[  309.598597][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
00:24:53 executing program 0:
r0 = syz_io_uring_setup(0x1152, &(0x7f00000003c0), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0xcbb1c5c5b8448d1e, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x0)
io_uring_enter(r0, 0x30d1, 0x0, 0x0, 0x0, 0x0)

00:24:53 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x8914, &(0x7f0000000280)={'sit0\x00', 0x0})

00:24:53 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x46, &(0x7f0000000000)={0xfffffffd}, 0x4)

00:24:53 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x80000000000a01, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000240))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000200))
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, "f7435004b576e0601ca20fe3c0c338cafb6512"})
r2 = syz_open_pts(r1, 0x0)
readv(r2, &(0x7f00000001c0)=[{&(0x7f0000001940)=""/4076, 0xfec}], 0x1)
read(r2, &(0x7f0000000100)=""/19, 0x13)

[  309.638121][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  309.644340][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:53 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x80000000000a01, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000240))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000200))
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, "f7435004b576e0601ca20fe3c0c338cafb6512"})
r2 = syz_open_pts(r1, 0x0)
readv(r2, &(0x7f00000001c0)=[{&(0x7f0000001940)=""/4076, 0xfec}], 0x1)
read(r2, &(0x7f0000000100)=""/19, 0x13)

00:24:53 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x8914, &(0x7f0000000280)={'sit0\x00', 0x0})

[  309.733784][ T1033]  loop2: p2 < > p3 p4
[  309.746718][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  309.763270][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  309.769465][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  309.791392][ T1033]  loop2: p2 < > p3 p4
[  309.795528][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  309.802867][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  309.809087][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  309.855602][ T1033]  loop2: p2 < > p3 p4
[  309.859716][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  309.866286][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  309.872465][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:56 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x8914, &(0x7f0000000280)={'sit0\x00', 0x0})

00:24:56 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x46, &(0x7f0000000000)={0xfffffffd}, 0x4)

00:24:56 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x80000000000a01, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000240))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000200))
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, "f7435004b576e0601ca20fe3c0c338cafb6512"})
r2 = syz_open_pts(r1, 0x0)
readv(r2, &(0x7f00000001c0)=[{&(0x7f0000001940)=""/4076, 0xfec}], 0x1)
read(r2, &(0x7f0000000100)=""/19, 0x13)

00:24:56 executing program 0:
r0 = syz_io_uring_setup(0x1152, &(0x7f00000003c0), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0xcbb1c5c5b8448d1e, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x0)
io_uring_enter(r0, 0x30d1, 0x0, 0x0, 0x0, 0x0)

00:24:56 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x80000000000a01, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000240))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000200))
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, "f7435004b576e0601ca20fe3c0c338cafb6512"})
r2 = syz_open_pts(r1, 0x0)
readv(r2, &(0x7f00000001c0)=[{&(0x7f0000001940)=""/4076, 0xfec}], 0x1)
read(r2, &(0x7f0000000100)=""/19, 0x13)

00:24:56 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

00:24:56 executing program 0:
r0 = syz_io_uring_setup(0x1152, &(0x7f00000003c0), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0xcbb1c5c5b8448d1e, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x0)
io_uring_enter(r0, 0x30d1, 0x0, 0x0, 0x0, 0x0)

00:24:56 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x46, &(0x7f0000000000)={0xfffffffd}, 0x4)

00:24:56 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040))
epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000000c0)={0x40000009})

00:24:56 executing program 3:
rt_sigaction(0xd, &(0x7f0000000000)={&(0x7f00000000c0)="c42271bba30945c4930f72d106c4c27d13b20000000036c7f80b000000c4417d70b8930000003cc4637d192553000000eec483b121e700c442f9aaf0c4c110562ec402b1b824c290", 0x1, 0x0}, 0x0, 0x8, &(0x7f0000000400))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
shutdown(r1, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c}}], 0x20}, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000001580)=<r2=>0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = fork()
r5 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r6)
sendmsg$netlink(r3, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0x0, r6}}}], 0x20}, 0x0)
r7 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70}, r7, 0x0, 0xffffffffffffffff, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000080)={<r9=>0x0, <r10=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r10)
mq_open(&(0x7f00000015c0)='{\x00', 0x40, 0x10, &(0x7f0000001600)={0x9, 0x1, 0x5, 0x1})
sendmmsg$unix(r0, &(0x7f0000000f00)=[{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000900)=[{&(0x7f0000000200)="a18d45a38cd25c504f0ea2315c5627f29679ffcb517b9ac97760d96b922a47be32af64d7ab0cdc327b2f49a4dbff1606939d751aecaacb07ceab4d30c50f6f9be06aedc1767f1382867ab0ca8c16152cf0ca990e15933fd8b1d817de05c5a94461d463cac3f43cdeaf8804fd9aafde394f30635684cf141a9893dbb8fe05759bf6be20515df123565b729024b8ab1ed5eadf03d33115cb68de366bcde7ed6e46f5b204ac17be4d660d4d743c765d3c3e7ba72a329deede80", 0xb8}, {&(0x7f0000001640)="0eccc951a9c67ac8e3631487b4bddc1100a745738fdac42a9a04da9dbe655be16bb0b9301338725517fb75eee20f4c3718de34dc08cf8be7331ee294134992973fc16efb6bed504ceafd9bc72304918ae68babe439f143186d9982ed5e85decbb01ac3f70e7890cd7044c347282a39f5b32f6e8c1a8af0833f3462527fb84dea4a0503d4a46cdcf1d05939509a140592b675f19bea3a2d765432468258d9ff119b4a8cfa1c22e0dc33c8da60e377628f303e534a692b891675210ad58339aeeedfa016877a8d6ff54dbea7b7af9d39d961181529d0de55bd7724dedb1a8419476c182e9855b106d28e600c0791249f9cc1b070c272a7a2e8a552c51d8e307a688a3a3930637acf152d0ee46e2cc32a47cfb246384a2b3cd3f368eb6d85ce316f91c14d445df9a38c225e4f93fbe89d717d0c5dae2f7e47231a07a66684f810feac1a20166850c9c341ff78e7b716e3220c92e2ace8fe98be8a835e84fd0f41fcefd5bab09a3c90307d15097f2f26ea3bf88ef076330ec2f8bc1e68a6aef93ad47b17ab81bee502a0daecb30bb294aa9d83b4f89c250e02b918bcb5e014f2b7fcf4439eaa3d7880d002268e97d2677b306df1717e919521ac2daf62a3d84351cd215b86117c199060c282fd3d51b28253cadeb61c1b180389e2f78aaf855aeb699e7088b1093bcc1634f63861629534e3d3832e5a881f4b15e8219fe4b96a3c7da28659b424470a6cab998fa3cd163577033a19738094dd2699fc22fe06bf9ee345d527e12f094c8e30e48c41c9f75e56273ce0222f3dfc76be372ab77132546a586a7aa4a3e183f33bd9540c73d26c4d740a575e920f7afc6030ddf877ddcff1eed6e38b7262c77c229e0a1341da2042a434484a8a5f672b3558b3c7e58b0856ecb1bf03afa563d9f4320c4bb6fb3153b3aff3b45049cc35bfbc80c654452cea5ef2b0648a765aedb7b484d8e4a57c9d879f27d79b8191ee6a8414ec1cb1322c4b31e880f7226391f0f1f68bce123905fd90e8a09c6d9dcf9525d47df59f9dcc59cdb35b88f70ad3e21b4824c38beda1de900c73eb37b120487a79913b62a6cf2d5f7d4a7c69fc7eddc282825c1bf96cbcf5d1c3e0ae5e808eb66f13dc7c05141819c19301ef892be441b4d29b409900fc5bfef8bf84c6c4b20fc0a7c5e23fcb6f55d435d436108ad6ca3fbcdb10ce151ac92ded4c45ca284600f6e33ced3af788ae3abbd96225a80a459e0abca2259ea4350e2eb6af35bae40d0c90e17349b103f179a5432eec898a84ebaeb082fc85634a60ee82f6c97de09a989143c6f9dd6ed4c65c041a0c0e3537a338dd3867397c419e98632234e570153882e725a26c72414fc2132cb20e037304441307ed2bbb3ba71b8eb91a20af5997a48508e6b51ca911a7859e0d77bc48308712a03c21805269d96a8bb1239097fc5c177b88e1e57d3a49eb6b08b446d7114bf8b79214c19fde0ee09d15292d40665ac6ade91ac842064ddc710f20028cf3c0c55ed0cff3ce36ddac04796c226ef03a2c87aa3871840c08338b9afabbea71223cfac5124e9db05d551f4bf8ab76aff826178e709c747e523556b275c1d6a4c4fa71653d31a121bb4fb789bfa52d44a5c95b856a73cb163e37033d669f714fd58840ca71ede314a9e33fa4aac0b43b5ce004ed55f0ddef03d005e9045635a60c63b0136ee7c532596b7f166d3e132f1b15ac29560f60cc11fa2a9e56837b287a5c086847a1bb8cda227a57e767b63beacf1c5dd9dc7b3f57c0f1920e53bca44da0b65c9a64105d61f152d3cc333d0f84cd3e8b9b1331b6f34fc57968d81570e00294190f810c54d6cb7c5972385bc42efd2ae3de45a920d530442f051a24cb346c00b2e7aab1e3a2bb7940a445d709e85f632b299ca62abed4b7d85b886b92b4c6192888c87df7f73fe4abe375347bac84e3caf372cbe82cc6519e28bb2ef80b141f844b656d385e0093d7412b31e98040ff867d56f33522abd8e26d0059ffe0e5635c81c572c4d6c2fec7f0755f1814b7c70b39c6c219e8dff3ca7b75ff70166dae1a081e1dcb3b499a2d30054d19e3fa9ea89c1c22800cbc912721b3dc1decbd3a4bcd8b1e8e83c02fe583648f0b0aeea5b96b391b61cf090e04e16b5264ec6dcba1c0233d69c24d896f73a8ec4de8149994ca6e2b6c627cfe610903d775ecbd357708dcb1c91a1683aae97d11975806a5008c51d1cf68027d8b5de63d9fd835ea559f1aedc4af8f4b64df5fb2c9503d53b5cf90bb586941c8f1fded765e1b899c84ac7c067f954a86da69f384c7aa2f4efb0d0503c7e2634898f2bb8780746317f78c9350dac8cadb7bcb692189bfb8fe394d8d6cbb14d00fb4d9cd1ff1afdf11cf794c8dd0e127244505dcf1942c678f9bcd06d17af7625cf982dae782540f7dd959d6761f6e072beb76f124f8972efc1fb67c9c700192fc10ef06a91113555fdbd93d3edecfc34550cc4ef781e74843a5bf99a25cc686fd9684f5b365934ab817a74f4ec4440fadb8c495a6af45f15a20919e13413ac8378ec6a94ff8b09928087c90a185d8e1936b9f1c33f28a98e78b8768a8c2c345b5da2e64a68bf3606eeca247ddacf1e35964f21322286ef492c3321a594485a02159b89b0400690799ed1adfed1d49bc1595243afcfa2b5a143797dd32facf5ac3eeb27e6365ca3e485e7c1a5ad9925fbdbad14e7fb57d9e47f63d35b4260b0dfae196f03456f5bf6be5e4fe700f768e10b4fab0d70851120a3b6b20774ba5980080cd706ea55b459018634afdc9badc0e406eb756930738da714c25bfa3e6c0a554a7a4ea2f0db6b3478524b5fb7195693d3c20ef295213dbdc32cd726189a8a5b351264ed8664aa4c56a315d781ec44dee0be40dc81c5a55f2dd6a6936a437d9292dc406bd1df40b623faf6a4e8ad5f6679314c232f34e41c4249f11ad416908b41f7c391fb0c5e4b517a6f72c83f32a393ebe70b07a9919da26bda8adb500e73bcf45780e963a9553e770841c920f109502a4e9ed15029b645c454b4f9a471d1e98fbafe8b860d21c1349a64d105205ad6cc415bb6c6f3fd4b04eeac2dc0fea1aa10fed58ea68f4e6102bfa63b55672d94049b9859349753a75a056da503f7f0da1700ef391ed97b6b771a00c962c736973523819d5aa419e1e6611e02c027401fbf538caf71f2f66059dff886ec13b71bdc92da9e80bf000d4f2dfc9cb8149420a5b129e0864e25528bf9e5488aeedaa8f43bb7a3ff6e571cb3cac55db7bbdd0c9f36662d89a34afc95489d73ecf234f1b52bd9dec1913c2dfdc1f6be187e6e56d3c25d688522a1b02637de07086bad50317fe2167f36ba34eba02bdb28089af2ef22304fa33b0c12a7481edbc63b8acd176f4bdfff05b27f1fab1bfe4c99dd73f519d9a863d0b17f5fdcb23302db3bd3acbee3a819fec5985bc0c6a92c62d33121250091cdb5ce11c8efadca53673dd2ec3385c4c7d2b27016a6f8004d7af2a754449228c2d378f1963bda09666d4a4479d6b3a4da6252f93ea6c6f675a1a26e7d7b802571e09bdb87840a33feabd464f7baab6693e156c9cb9c30b9568a3d162f11f236953f0d5fe45015658dc3544f3e16364b0129f4e76a00b44ed882fbb1afee816c0d00e49bcc9056731e9bb2b871f866e9ab20b80d588f86f97e423cbf40581ca549f6099e694d791004ac422065c6678e9632f5de874c4078915390cfc52ef656c0cb9d6d5ac322181006e95933cba3f5e50258e2b93ab2624958ce671d73312b10b539bd65c493c94da3131eb018490e9c80230b706ab0c8d39e1d23974eb9eff655404ff7ce88f5ebdff6cf182c2caa336b6829ec53bafdc8c714322a7d2ce97e2d013978586028f146db1ce5e315e25279293d565b258e7b3846ca0f686239b1fc2387839377cc26c0886eafd93247296f3b90ba33b1cb32a055f553cd3951e5e252597961c79610741e31a1b77b36cde8d6675551f5296d8ead7b502d4f55248c956c017aca27061f2a30d5217bec0016e2cb0cea93269a6eab721c0ea7e8dca19101ed5106631d356e19421af69d6459f358bc65ea3124a8dcf7e19fb6fddccb9581d86c94cb676c0c94fb7cd2f5b527d841281020d9d3ed13789fa9f92da9300eee3b56beaf547e5a7392e75202bc5ce3377f6c72ac37ac09e6e11d80ce313e3049334e61b93470fe5e9379653926b08a2be02399b10e86c2e5e1586bdfd54f7e0f720b2f812953842b91764d2bef309c20e48446acc2debac036cf8b89c303f8791a089e3859b70bf388e3007c2887948f484a4ca43f0a01a993a07afffcf780f48067fe052260733228d991f124a852690071621511031b628643d03e0a46ea7c933f5b5b86a7d3274213c229b77775c402c8613fd8a87da7ac5556edcc9bf27a4f171e91c27ec3932cc7654bca237b5cae1e0a5ced4a4b8d2b44518bdc61a9d7b8d1db77f478e80b1e17eac827c1a30f828cab6d5e532dac738ce8eff699b394d17e833f7586a59570f683a45e514d576db2503ce1913d9adbaf9cabf8c5fb4c84f88c775879dc6fbd489c1701271cc79573c6f31cd540c37d99c025f4b41de4ff124ba9b7e7e006a1955e50e22e32374a246d78e9f7baa1aed2916dd128ee01e5885d944fd5fd6ae87fce1809f60f68d3cad161d676daa33242c306d178c79c4dd130287425c919d5c05abe5b55217d484b55b6dc46929daf45b3101e35e1dab160aa635bec200155ac3622b7237430c7c8bdd693dd71d28fa44d8425eb0f09678a9497f051172d70deac805cf83cbcadf0e241322864276056194b2e2c8cf4ce75b41ad0fb8bfd34a67b2f74b2d8ff39ae0b3906a1f438286d6d0f44bd2da47a4cb3a17c788402ddef68f8f6e954c07f74a52d9e10f8b19428ef5045ef632aa874157d625faa7fb5c24d00f5ec2ea7b27f39a1103571be0f643678e2a6a8e5343a4f2e6f196a3c30408f854ddcf535f51ffc1f96db607fa0aab2f790e11c6d8df8c3c1f7347b4d8900d54dcab4605d7e6824854049ccde78694dff564a4f32b7458405e2d4c57e2c977be9c76ba4b7cfd7823ebf471bba7241902ffdd964937877cc8f0a60623403fc71a240aa56c66f081d6d3216ac66c0d135f936bfac9e4965f1078dafc10ab59020761bba6a4743b42ec391f20aaaddfbdea977ddfcbd14ac0604b1a56a9cf102474df380859d76208ac52dec6e123114d485665f2f6c2e850991e0d9c9464bfa872486ba71307cdb8c8c59fa20206834cd3584f953a3d79e0677ac51a42578f964a983b14c0148a2c0f2b7bddcd5b4075e29629fc3d7899df73e2a08408fd5ea2c5e3a85a63b71df97ad719cb5ddc92920861ef171d6b4785f61a63c60e176344f1148de388a1fee25b56324cf46fd25acce13b600f555fadf8d0f1cb98a2714705f266301d4b67e4890eb23984307ecbd709dd54093ca0b814a269f5dcd5fc0a2825e2000aec7e5e0a676c5021106956a42db2ebc4c4ebc9c6d432f8194e69ef94fff362880591ac7d77e5842f34d88a6f1eee356a81883dca2f96b1bd06b28aa3a0e994b45087a52d25b544319e2b4126573d55b46fe1083e6a14dfdb3ce77478bb8ea8ff724ec5bad6f52ac58fa998ead0f85c3e8bb01737cdd6127910f04b52a3dc1b5f1a4b9ef38900079147b924492c600a60a76fccd91fe43ab117c3f26c2dc4b9efd8584c6fdd01e4068ed32f9611b683a107825811425f59f93cd3212276f73c1e14b69a5ed72aefdf51a558484f0abf8e0fe355b98050d9475194a2692ba326dc36", 0x1000}, {&(0x7f00000002c0)="fb270dac8ee5d8d62f5df58360f059cb7aa556fd88397720b4d931b35b3b62b1815970f0e6812b833636a8d9ea79bb7d7eae2129b11ebe325074b8c2aa47341ecb7100e09fe249e5f8a3e78dfc5dd20baac43d66f9ac9726e5d839b168faac28bfa05258e220b489803633cc3bcd4f96d42cd8857065466531fda9bba5f1b8dc5fd5da4ce94f4707e4b5588c96d25e3d94d205d61e91b1f9a6769dd079cd9c5157ee81bf59cedae2cf82a8eca9daace90edfa9d7a16b2d038135b9e2c2b01b", 0xbf}, {&(0x7f0000000440)="c55ec3640b49d120ba7cd729f16b7c799548c636457802b9c98b6fbf4b1eb1e4625f7c89a67a720b327998f51d1424f26c466fe8f0f18463cbd3183cf381345e1e3588c676399327e19e7516bbdc5f7f300a0a31abbc7f89c0aca15a6a31e44602328f1b41d80fcbf79dfbe0327c14476887532a723f111abf4ad7ccd411afcaa391fb0beb9f6eb1830d22584004109709a252e7e83b4c28c132f5e1e7e0bee4486de5c583a10439e27652200e4f92b47c2755ec48da6c81411f4a9ad8b603244de9eec70973171cc26ea76fb88d0f58ee28b5d8e346fb463d5d1e434fd623180239afa900", 0xe5}, {&(0x7f0000000780)="e11f59b798cce709ab8871e3717acc6336f8734f08d19f53104703e2928440d7e929c3cbee863398c1024538ddc6d8791f2cca9de3c860a73e24f25f2116705ef7553b86f719f5c35e7350c8db4a568d6b4cc537e9a7152c83b30093311d528fc37343e51612656f1035f87b32a3fd4c17baf7c28599dd4386bede3ac8bd72022ac82ffa6cad913d3f3e05b03eb7d04cea0b53953f09a60327b92dac73c24ad0a8ce2e2d8555628912f5259e751643948dba561c173c2c1d4398882bbd179941ab22224fac618514e1d1a65ce5387b35ec3db2b4d190a902a463a8", 0xdb}], 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="1000000000000000010000e0000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x50, 0x4000004}, {&(0x7f0000000640)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000880)="8b3e977c5de1de040e7363b2d8bcaab17fbfa15b80d03b4f6f74a0919b8dee46287c47afdb828c09752652cce6b6cd0fb95f82e42d115432e5b7d3c0b46ff58557d3ae5b9e31861e2f91e7ca3dbc63e2b6d4678140353508cc3bd283c288f317d2d5f1af68d7773c8caaa145205bf3d7efa8c698095348a71e6bcb00", 0x7c}, {&(0x7f0000000fc0)="d69efb4752ea18ae81ac1b097d6ec1007432fab2a6d5b86baa9a02f880c390750f3995557848c9b49a45ba1d0bc9c1595a2a767eda035ac2a139d8d9d1159f9bcf2223ae67ccbcbf2b6e6fb35f2772a0b2fd420f596aec15862b246a3b2b51d3769d9459da64215d0a53865ce03c4e7f016c1cb4135d3fcb2c0b1b735e16594a94d745f1d14a20d4c375f72f33ac472ff6dfc56fc3430a892e433638af75923a7a83c39b86786f1a4e4dd58d9f87a566242d2d4d9f3487e805605e4350cc7904f242c1eed32c7cf1a53895edc796fbffffff56527e31f2174083d6c5cd8e642b7e41f40f6cbc94190079f9282897991390309816cbe7c2", 0xf7}, {&(0x7f0000000a00)="b9338f8a5d7025a1b331e5fbdeb52f34d78060ee6121c796396f54df9eb50d1d960e3d12c1b413607092a3f16c4a352f102c94a41ba58d39c1c5c48a0da1bded56eeea4003bc94d55dab4bba93f43062e699966b8868924c04e81dd99a4cbd6f9d9a73033194a0ed749e8f5988d1ed273223a7802977fce58b59428c854f6ccb883be81e77b98909abf1d6a3f11039d6f05478a99e548e488a900535abf7709bbc3cc293b7f5d12280cbe8f1d8ad9f3d8c4d965f4d", 0xb5}, {&(0x7f0000000ac0)="09b8063ecda6a5d1c69a2deb896d776edb495402925ebd788208462b32c4e1a021d4a9063a375a7ebe7a268e9d871bb2cbd2b05f0ff626b4e6889d893816aa3ee34f8f3df8e38874198ac3b5", 0x4c}], 0x4, &(0x7f0000000b40)=ANY=[@ANYBLOB="865409d78200"/16], 0x10}, {&(0x7f0000000b80)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000c00)}, {&(0x7f0000000c40)="1a9ad05a44ad", 0x6}, {&(0x7f0000000c80)="5dec80351af2899a32ac5350260229044d3e9537d30305301b15a974679f3f4ff038fea693c0fd8ab20e6cd67fb5bd3898b912c07b615cf8968ab771f98f82104c2985233d5b803edbe55dd42f0248bfca075bafeb3590b794573c8259bd4168e08d23d9b2a0af9ddb4ae914eab6ad79f1be5a1a246b", 0x76}, {&(0x7f0000000d00)="725abac81fe45d2ea04de086c76b8f04799dac67b7f645e7b9a88432e8cc2406ef97daeba91d1395a9214fd1aa804333f90c45b665fec08413600058e66e1cb5924e849a0ca6db8b3f91d498d223c1c5d7069f38871220c0eaf645abcf8b5bd3993def0149d4a56028d14af209abd5b05c80ce42feb0", 0x76}, {&(0x7f0000002640)="165f0b13e9e4ace205447f882af22a44043a6ed93d44e2521e15f9eeeac2467b8c59c9efdad3c7f850a403fdc31117d3a3cf9d6dd8523504ba1adec38ebfbebd503dfe452e11c878106f0631f18d4aa0e926a6636070589bb9b30c28bd2061ff95075b42c73f42fdde99ff728d367164a10c057865256772efbe52850775863fd4b95cab0e3fdaacef53e93bc9f9d6808068f5989da6c940b3c1622ad8f5ddc209f0aa95f6d59b9c0b556803fba10d80bcb3adf3c08905284eef855df24fb6a071bb4361e593dcba22b5cd46b7d1fce9ff82221af25935874b80b0d1da906838b72d162ed44dcb9fff333f61dfa2adf599405aa164196dfb6040a8c1b045fd854523d2e887b923c2fca57ebb50b1421c5d04b6267977a0de04df4640b07554c37e534cd52351aafcd8d3635e017b2e8c8eba34fc15c246eac7720e0d20d2b3f68698f57b0734610a9230ed15bc646b8ea3a5b4968dae0d6cc0f7cd988edced4220866cad7efa41b3df673b1f9e1b0de134affae4dcf9eb964d049b2877db75069c740f0ba8803a11e6565e91d4f7ae84e5687a5935c14d47826e08a60c62b3e840fcca5191343181b1ad50e43a251e63e5464c2bd4d2baf8713a58b1c3c6a86930a7e83eaa55e041aaa8acc7c5d3ddda79245cf3685aa88787008849bfa890570423eec59d69cb9042149f942e0830b5183df481bdd9c7694c67ea36a7c65c557acc2827c56b0804d64beac6d545ef1fd516ce532cbbb22f08b20b7d7cd4c5a21cb5eb24432e0aef639febed1b3bb4e59717266f97e929b19c105b757fc16624d23a8ac057e85b84d9c9bbe3b380fa854078a1a150b890e2d8d42e9e7c815b81edafb99d7a3a9112b13f7ff78ab921f27c8e60a9f1604d60c8d95525e1e596993bfe9ed4b8a4f23c3a50015e398fae18d539e2e75ddd84f52cc519ec5093b5ffc1e4ada86afe3a5db689a0f93357029d0fe7602ac2eacfeb35bdd50e059c24b36a4188136a17cf999270ace5e8342a4a75351f4d6312c7cf00fc2db33c4c12b194d5cf6b32430698da713b5243962911bffabb8c6c67a97f52a43e788a0bcb39a6c3d3ea565875d2beb46be6d7b446180927bfe9b0cb9357f35ca8dc158ce560db1878b3e60875d5e5d5f9c24e79bec4253fd0de7e78b6556f1470c57d84746b13ae45fbbd638929e4dc723a182cb700652cdbefd9c4e4bbc4828b6c28b00640a81260295b737b8d8756907e50be9db886a4d532151b1995f2f77f306cdf7ca045c86484fb9c5d26332b3757a11072255470fab397ff8eb9ae495e2130ed8535b0cbb4e91cbfe7172519dad651bb2258a4767a3b57786afa5584212ed6209922237b94de25039daf5270dd742a137e59636525650c56ad1d9d2d9924c05d3ac6bf8541c7cd9e24ae265e8d02abebd0f8190e2e052d808a8906e21848b4f67e6a0d894b4dc09de85a2ca389789ea86fb080f2eea7bc1151e60c17662eac801d77bff1666a3e910d3dffa0236eb0f3675e84380be00e8f8ffdd56d1fb96bded0c3e714056e474909f8690fa99eceae3a8ca9072f02d484ccd590cf121a00748231cc8e54a15ae1c9bb07ae4860b117cfdb5776658ce40ea3834092d30d531561b96e72c819611f0a7c34dee59b6c21c514b76c37fc6d244dfa378ea1b61807354460de30529bf38367836a2c11a22b72c5ae526d05a2aca1c0ec54b85657ac3d10075d14f576e88b1b3ad57bace8f81215b08425863e72636688a796be59c1adb957013ade09ff92e86d9f8bd3b36f761000a16d9ea5529350733f4add9660eb92ddc7b7990367dd4112a6dc4c9fb7948e516db30e3790881d1702b28f14c35cd9f1080559be8caae357b9fc4e62d7ca93adde3fca7d05600d392d5460bbc3a4fb3454a33e2315276a6f11bf624f95ef8fbda3a071d5f1c95b9da78833aa99e8e04f7cf2865b49568b8afbb6eace478c8b588c77046cee39bc17b08b5eed9778abf4cf2a4c955ae488583955228612d986f93e51479117747a91a4a4631fe08dd8c3fc67f55ff74e31d6aac8bae2cf079a713bcd091680af48e90ed655c2a86c1bd70e7bc8791d3a28167cd30814f565c4b4dd9029118f7e7e13ba05e88c659858dd150820229c999691c0fe37cfcce7012a52b4d1de97b94132ccc1bcc138a526dcb58b895d8d69b9694d169b99b8b9900857030f126e6133c534d5b36c38d9b709e64bd812d43fda8ef576dca2921cbf3f176e12af6ca94811f1ddbdac9d9e8a18eea50d68a1b3866bc730ff4c8bbbbe09635ad0beae9e2d4c87597459cefffd1909f0600fbe4bf6fe262026dc194a68d23e23af98ac3063a2f129636aecbe4b7dbff6b695792c395c3b1f3b5154f6fde300b038db2458b9f677f2c10057d6c19afeac99909a10de8a3a437311596c37e0f2ff3c792bccdf01e9c4c82e6500d429c5dd27eae03bb6f7316e886d9283c3913d9b5fd71ca17abbea8a261d75afd3377df6f1481b0cb25cf955710a517a4fc5151176457096d0253376173f041047df5aa450c462ff3cac5edd63e733fd537949ba2d36ff4d560d22a36e47d7c8c1ee1c4d79f79e8a9b0841e1bdab7f4d8a3b2e6d8a4b753ac88224b3d09e504c74c179f67711425417e79cc4902d22ae9e2b858d4a60fbf126c6b5a5c660371e9885c1fd5d389cefb1d429d3f82bed5c516bcc1828f097dc63f8b0b534e939f33c70d797e23b4290881c9f3f8c3a357f6c2abd8974bcf6866666b19cdafef6502a51873ed34d028ec7cbb5da4256f0e794653a6f828a5af6ad86126eee0cf939bcb3d2795a85d0b757dbb7d39310bbf05960a1ca4a16249c526682905c1fe53d7893bc8930b9bba5f9b3100c1039f7fca81288c48809bd969d57005c745298293d4c2d0a706d93a16d7aeded59e7479f8283ad63bbd073aae94a83b49f0c534ed562f412344b702764d2e02ab863ac9b7d9e7e465e08761d9e550d2a6d2243d82ba0444f9026e40ccc88815c839c855176c6754bd40fca8486e3a95985c8d3498a54b60fead8cab45b74dc503f7f1ac727f089d010cc99cfb5e6a9dd403105a56638b7a52afd30726a586f8c58c706f93353dfe9474ee48ba179fa5dec2ad9bf985acfcaf115707df22d97b0e966bab45a8eab58fc82ec30db4f252a341055ed009e569b7f40d650f4d4a6394b0757620bfad7821107b6335a48051a3e7fcf076e18575760c4425df98e85bee1b115e2207843f4655512759b71a6d10d680fb896a6bf2155231a9c21d89a736ecebecf09304b69849c3a73a3563fb61cbee81bc84760d54e9b0b2aa11bb90b21319017e013fd53e951eceae34f5d07472d1280d2fa95708e7a14287997ab7f34be9c939d40b1ba9400bdb43200ff999b87accc31d16ac60f370f0630e5c10d41b9c626c2d30fe445ea2520c17d174b981647dbb5443d02c8ae5735d7f6c76789c07e90e194a541f0a038f9f58e0c3f2ba8147abaac4a57fa89a2fc733e3e8a8b0ed878eb1de71a2aed069643a7d35d112084523a1b8b099098719d0505231e55226da758cdb67e8c171c3a49a48ada2384fb93d3e392babd54973f50f988915573ff3b312ba2cb13574ba8c4aa2b60bdd7014034a7b6174267e4d940514be828fd4fa41dd11641abaf19c8223447888068077b83dca9a6ef5453914e5a29d2c6d8af427c6912aaeb72385e9024ab152b066f08aa9c9c2e0da5f6e59ef35b6e403f2aba925abf1e7a4c10b27f7af41fd1cde8dadfca4b212828a12a2f1fee5980e3272f4fde34259783e2f850b399611995089c88b6e6432fb51189f3a2a7cfae45b1c47a348a9b0a3eccf58be5203589cc98aa3026e43568d4ad058176eb90dbb0fa8b4030f81f66c50d29df1c97c4535e5862cca12cd2f2f4a2620b20f812dc2ce8ab42c3ec9bd629672683aee2644f5bc7d3df0f72e07bbc898693b831e2a2297d2ee7b2ccd908a2df38b84a5774bb2e33979601f593e183d43dd65b5b14c6778c5bcedf00b3992f98bf29657b80f97deb4f42736d958282000e9cc86d9290d8ca13765b5ebbada588add95374675295df1d5bd3c1736e2ed031ed16e28cc640e98f80ed9102841f1a925744c569d650f7c161517c144294e8318b1aee63ed909df20a2b34cfbe629b44806ed50a1769feef76b0b483c1a3ad841309bfba92aaace9af860acf941ba0f5d950a9effdc0c584bf10a519151f67458d366455f4266036ebe2e178352589df05810f8617887d2c5cabf6085675cb3e0ea029d87e19851a36db8572bc181464df226b902824079eef80c5b44a2d5f3e1d4b166b24ceeba96885516281b4b57e15a0f75c8bb6a437db3109c763ab9e5276f6d5e28393a71eb57d1c2081e71a18e4a9b86d354acac6775ae9904b0bcc9dc44c83d1a26624441cf8f2f9ac9ebc49b326a391168c6b9df608151c0f45e4d8a761e5cadb52d01048fd9fd4cabad694dc18779f64c7811d373704d46968f95be4a32ded6725f41592779228c45c5d0a65d2a36fcbf50b21cfb3d2232312f3ea9fa9419ce2c7ab7a59895b9ff6f9023ea8be1eeac102b257854cb518748b013ee834beea2e277b57df7e2e1f6526d2e7c081553622dc004001360309a0d74fb8fff3da90693fb7cd0b91d18e8b386e1bf2a801436d86b60dd11c1eb427cea2070687f21ad6dae982d3791cd0f31623ea233d80a038bd781ccf4cbab9372eb937f50030d30d8642e567d3506f8c70d57e6e0ebb2841dbf673c0e2500e15234a2538ddbc95991df60d8a63f5bfbab332504ca7b0d32c6a3904538ed96eb536254f02e40945bb94ba534fc3e21ebfee7d9d23ffd6a1f80eea66123e9180589ef7adef382d3d17f02350fc37ea9e03022723c06023266b52743689ff0d14aac46afad3d36433479609827c2d6e7fc9acbfcd3d14119331c2e5064e1afccacdc62bef558b4be52baa913245174e39388f1e5883ae9e943a26e8dda95b9271b44d585d01aee443c7c0cf0b6b3505c26b3b1ccf27d5fef2f9682f2e7dbf14923139bd8125b16294ed1a6f6594dbecb3d0c8c37b58af76f0db9c5ea892789232f05a5cb021889374c698f463feb0c4f0dfc00ebfb90587485b8ab29e905edca6e557afe41f98e63942c6f62d4f45540d272a872948a46ee5baa1bce58d501840ec19f24f9b6213d5a11813a189a5f15a226bb53bf0fa4194fc5fcb9684598b45c95d41f494f8e159359f2da0e42e5e126872b6dc57a8a66288e1b79aaae6c836a9cfa0ec6f4432c58c9096912f7cf9bab3660e1d2076647abfb333ff8a914a7ec4ad84672f23deece602d32d03eeefc684a45b0808cc2bb0adacc7c96a4aebb8a132ea03fbb09c05b92f3b7b553b8356cd1158be2fa41db038d3e19ebf3d5829d45f26bb796871e1b9a5e388b7d85f0a8b33786540449b23969f72f5b249f4613fd106acb01699a51856f33e27c197f858c2421c3277bfb551c7d9f59902ba65c82f790db39395f1871357be2f61ec67df5373a18c21dc54bff8d4c7496efa7cdcc9328db03abf44bfa3238f5fa9200b571004168d1b024b921935e3ee445f2989dca3aa3c20cd4f1a3e44336ad4c817b69edcaf024f2123352b13ed82353d7435b298efb9133e3f807eee41fea0a582e9db1fec9420175e2fc594ea2008eaaef0d8b611022abc1f0f7a0683c36caf096c424ba86605c4d7fbd069e56c956f47657b524a40350a42a0d0fcc40154e8eebac955ab631fd607572e65c57b62502d1b370c2b9193d8644642555dcc2dbd21d5942d63cf8afca3a39eab31a3", 0x1000}], 0x5, &(0x7f0000000380), 0x0, 0x40000}], 0x3, 0x20008000)
write(r1, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x7fffffff, 0x1, 0x2, 0x4, 0xfffe, 0x1}, 0x20)

00:24:56 executing program 0:
unshare(0x24020400)
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
lseek(r0, 0x1000000000000003, 0x0)

00:24:56 executing program 2:
set_mempolicy(0x1, &(0x7f0000000180)=0xdd, 0x3f)
r0 = syz_io_uring_setup(0x6ad4, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x2b66, 0x0, 0x0, 0x0, 0x5e)

[  312.634154][ T1033]  loop1: p2 < > p3 p4
[  312.638440][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  312.656788][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  312.662976][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:56 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x46, &(0x7f0000000000)={0xfffffffd}, 0x4)

00:24:56 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040))
epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000000c0)={0x40000009})

00:24:56 executing program 3:
rt_sigaction(0xd, &(0x7f0000000000)={&(0x7f00000000c0)="c42271bba30945c4930f72d106c4c27d13b20000000036c7f80b000000c4417d70b8930000003cc4637d192553000000eec483b121e700c442f9aaf0c4c110562ec402b1b824c290", 0x1, 0x0}, 0x0, 0x8, &(0x7f0000000400))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
shutdown(r1, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c}}], 0x20}, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000001580)=<r2=>0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = fork()
r5 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r6)
sendmsg$netlink(r3, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0x0, r6}}}], 0x20}, 0x0)
r7 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70}, r7, 0x0, 0xffffffffffffffff, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000080)={<r9=>0x0, <r10=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r10)
mq_open(&(0x7f00000015c0)='{\x00', 0x40, 0x10, &(0x7f0000001600)={0x9, 0x1, 0x5, 0x1})
sendmmsg$unix(r0, &(0x7f0000000f00)=[{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000900)=[{&(0x7f0000000200)="a18d45a38cd25c504f0ea2315c5627f29679ffcb517b9ac97760d96b922a47be32af64d7ab0cdc327b2f49a4dbff1606939d751aecaacb07ceab4d30c50f6f9be06aedc1767f1382867ab0ca8c16152cf0ca990e15933fd8b1d817de05c5a94461d463cac3f43cdeaf8804fd9aafde394f30635684cf141a9893dbb8fe05759bf6be20515df123565b729024b8ab1ed5eadf03d33115cb68de366bcde7ed6e46f5b204ac17be4d660d4d743c765d3c3e7ba72a329deede80", 0xb8}, {&(0x7f0000001640)="0eccc951a9c67ac8e3631487b4bddc1100a745738fdac42a9a04da9dbe655be16bb0b9301338725517fb75eee20f4c3718de34dc08cf8be7331ee294134992973fc16efb6bed504ceafd9bc72304918ae68babe439f143186d9982ed5e85decbb01ac3f70e7890cd7044c347282a39f5b32f6e8c1a8af0833f3462527fb84dea4a0503d4a46cdcf1d05939509a140592b675f19bea3a2d765432468258d9ff119b4a8cfa1c22e0dc33c8da60e377628f303e534a692b891675210ad58339aeeedfa016877a8d6ff54dbea7b7af9d39d961181529d0de55bd7724dedb1a8419476c182e9855b106d28e600c0791249f9cc1b070c272a7a2e8a552c51d8e307a688a3a3930637acf152d0ee46e2cc32a47cfb246384a2b3cd3f368eb6d85ce316f91c14d445df9a38c225e4f93fbe89d717d0c5dae2f7e47231a07a66684f810feac1a20166850c9c341ff78e7b716e3220c92e2ace8fe98be8a835e84fd0f41fcefd5bab09a3c90307d15097f2f26ea3bf88ef076330ec2f8bc1e68a6aef93ad47b17ab81bee502a0daecb30bb294aa9d83b4f89c250e02b918bcb5e014f2b7fcf4439eaa3d7880d002268e97d2677b306df1717e919521ac2daf62a3d84351cd215b86117c199060c282fd3d51b28253cadeb61c1b180389e2f78aaf855aeb699e7088b1093bcc1634f63861629534e3d3832e5a881f4b15e8219fe4b96a3c7da28659b424470a6cab998fa3cd163577033a19738094dd2699fc22fe06bf9ee345d527e12f094c8e30e48c41c9f75e56273ce0222f3dfc76be372ab77132546a586a7aa4a3e183f33bd9540c73d26c4d740a575e920f7afc6030ddf877ddcff1eed6e38b7262c77c229e0a1341da2042a434484a8a5f672b3558b3c7e58b0856ecb1bf03afa563d9f4320c4bb6fb3153b3aff3b45049cc35bfbc80c654452cea5ef2b0648a765aedb7b484d8e4a57c9d879f27d79b8191ee6a8414ec1cb1322c4b31e880f7226391f0f1f68bce123905fd90e8a09c6d9dcf9525d47df59f9dcc59cdb35b88f70ad3e21b4824c38beda1de900c73eb37b120487a79913b62a6cf2d5f7d4a7c69fc7eddc282825c1bf96cbcf5d1c3e0ae5e808eb66f13dc7c05141819c19301ef892be441b4d29b409900fc5bfef8bf84c6c4b20fc0a7c5e23fcb6f55d435d436108ad6ca3fbcdb10ce151ac92ded4c45ca284600f6e33ced3af788ae3abbd96225a80a459e0abca2259ea4350e2eb6af35bae40d0c90e17349b103f179a5432eec898a84ebaeb082fc85634a60ee82f6c97de09a989143c6f9dd6ed4c65c041a0c0e3537a338dd3867397c419e98632234e570153882e725a26c72414fc2132cb20e037304441307ed2bbb3ba71b8eb91a20af5997a48508e6b51ca911a7859e0d77bc48308712a03c21805269d96a8bb1239097fc5c177b88e1e57d3a49eb6b08b446d7114bf8b79214c19fde0ee09d15292d40665ac6ade91ac842064ddc710f20028cf3c0c55ed0cff3ce36ddac04796c226ef03a2c87aa3871840c08338b9afabbea71223cfac5124e9db05d551f4bf8ab76aff826178e709c747e523556b275c1d6a4c4fa71653d31a121bb4fb789bfa52d44a5c95b856a73cb163e37033d669f714fd58840ca71ede314a9e33fa4aac0b43b5ce004ed55f0ddef03d005e9045635a60c63b0136ee7c532596b7f166d3e132f1b15ac29560f60cc11fa2a9e56837b287a5c086847a1bb8cda227a57e767b63beacf1c5dd9dc7b3f57c0f1920e53bca44da0b65c9a64105d61f152d3cc333d0f84cd3e8b9b1331b6f34fc57968d81570e00294190f810c54d6cb7c5972385bc42efd2ae3de45a920d530442f051a24cb346c00b2e7aab1e3a2bb7940a445d709e85f632b299ca62abed4b7d85b886b92b4c6192888c87df7f73fe4abe375347bac84e3caf372cbe82cc6519e28bb2ef80b141f844b656d385e0093d7412b31e98040ff867d56f33522abd8e26d0059ffe0e5635c81c572c4d6c2fec7f0755f1814b7c70b39c6c219e8dff3ca7b75ff70166dae1a081e1dcb3b499a2d30054d19e3fa9ea89c1c22800cbc912721b3dc1decbd3a4bcd8b1e8e83c02fe583648f0b0aeea5b96b391b61cf090e04e16b5264ec6dcba1c0233d69c24d896f73a8ec4de8149994ca6e2b6c627cfe610903d775ecbd357708dcb1c91a1683aae97d11975806a5008c51d1cf68027d8b5de63d9fd835ea559f1aedc4af8f4b64df5fb2c9503d53b5cf90bb586941c8f1fded765e1b899c84ac7c067f954a86da69f384c7aa2f4efb0d0503c7e2634898f2bb8780746317f78c9350dac8cadb7bcb692189bfb8fe394d8d6cbb14d00fb4d9cd1ff1afdf11cf794c8dd0e127244505dcf1942c678f9bcd06d17af7625cf982dae782540f7dd959d6761f6e072beb76f124f8972efc1fb67c9c700192fc10ef06a91113555fdbd93d3edecfc34550cc4ef781e74843a5bf99a25cc686fd9684f5b365934ab817a74f4ec4440fadb8c495a6af45f15a20919e13413ac8378ec6a94ff8b09928087c90a185d8e1936b9f1c33f28a98e78b8768a8c2c345b5da2e64a68bf3606eeca247ddacf1e35964f21322286ef492c3321a594485a02159b89b0400690799ed1adfed1d49bc1595243afcfa2b5a143797dd32facf5ac3eeb27e6365ca3e485e7c1a5ad9925fbdbad14e7fb57d9e47f63d35b4260b0dfae196f03456f5bf6be5e4fe700f768e10b4fab0d70851120a3b6b20774ba5980080cd706ea55b459018634afdc9badc0e406eb756930738da714c25bfa3e6c0a554a7a4ea2f0db6b3478524b5fb7195693d3c20ef295213dbdc32cd726189a8a5b351264ed8664aa4c56a315d781ec44dee0be40dc81c5a55f2dd6a6936a437d9292dc406bd1df40b623faf6a4e8ad5f6679314c232f34e41c4249f11ad416908b41f7c391fb0c5e4b517a6f72c83f32a393ebe70b07a9919da26bda8adb500e73bcf45780e963a9553e770841c920f109502a4e9ed15029b645c454b4f9a471d1e98fbafe8b860d21c1349a64d105205ad6cc415bb6c6f3fd4b04eeac2dc0fea1aa10fed58ea68f4e6102bfa63b55672d94049b9859349753a75a056da503f7f0da1700ef391ed97b6b771a00c962c736973523819d5aa419e1e6611e02c027401fbf538caf71f2f66059dff886ec13b71bdc92da9e80bf000d4f2dfc9cb8149420a5b129e0864e25528bf9e5488aeedaa8f43bb7a3ff6e571cb3cac55db7bbdd0c9f36662d89a34afc95489d73ecf234f1b52bd9dec1913c2dfdc1f6be187e6e56d3c25d688522a1b02637de07086bad50317fe2167f36ba34eba02bdb28089af2ef22304fa33b0c12a7481edbc63b8acd176f4bdfff05b27f1fab1bfe4c99dd73f519d9a863d0b17f5fdcb23302db3bd3acbee3a819fec5985bc0c6a92c62d33121250091cdb5ce11c8efadca53673dd2ec3385c4c7d2b27016a6f8004d7af2a754449228c2d378f1963bda09666d4a4479d6b3a4da6252f93ea6c6f675a1a26e7d7b802571e09bdb87840a33feabd464f7baab6693e156c9cb9c30b9568a3d162f11f236953f0d5fe45015658dc3544f3e16364b0129f4e76a00b44ed882fbb1afee816c0d00e49bcc9056731e9bb2b871f866e9ab20b80d588f86f97e423cbf40581ca549f6099e694d791004ac422065c6678e9632f5de874c4078915390cfc52ef656c0cb9d6d5ac322181006e95933cba3f5e50258e2b93ab2624958ce671d73312b10b539bd65c493c94da3131eb018490e9c80230b706ab0c8d39e1d23974eb9eff655404ff7ce88f5ebdff6cf182c2caa336b6829ec53bafdc8c714322a7d2ce97e2d013978586028f146db1ce5e315e25279293d565b258e7b3846ca0f686239b1fc2387839377cc26c0886eafd93247296f3b90ba33b1cb32a055f553cd3951e5e252597961c79610741e31a1b77b36cde8d6675551f5296d8ead7b502d4f55248c956c017aca27061f2a30d5217bec0016e2cb0cea93269a6eab721c0ea7e8dca19101ed5106631d356e19421af69d6459f358bc65ea3124a8dcf7e19fb6fddccb9581d86c94cb676c0c94fb7cd2f5b527d841281020d9d3ed13789fa9f92da9300eee3b56beaf547e5a7392e75202bc5ce3377f6c72ac37ac09e6e11d80ce313e3049334e61b93470fe5e9379653926b08a2be02399b10e86c2e5e1586bdfd54f7e0f720b2f812953842b91764d2bef309c20e48446acc2debac036cf8b89c303f8791a089e3859b70bf388e3007c2887948f484a4ca43f0a01a993a07afffcf780f48067fe052260733228d991f124a852690071621511031b628643d03e0a46ea7c933f5b5b86a7d3274213c229b77775c402c8613fd8a87da7ac5556edcc9bf27a4f171e91c27ec3932cc7654bca237b5cae1e0a5ced4a4b8d2b44518bdc61a9d7b8d1db77f478e80b1e17eac827c1a30f828cab6d5e532dac738ce8eff699b394d17e833f7586a59570f683a45e514d576db2503ce1913d9adbaf9cabf8c5fb4c84f88c775879dc6fbd489c1701271cc79573c6f31cd540c37d99c025f4b41de4ff124ba9b7e7e006a1955e50e22e32374a246d78e9f7baa1aed2916dd128ee01e5885d944fd5fd6ae87fce1809f60f68d3cad161d676daa33242c306d178c79c4dd130287425c919d5c05abe5b55217d484b55b6dc46929daf45b3101e35e1dab160aa635bec200155ac3622b7237430c7c8bdd693dd71d28fa44d8425eb0f09678a9497f051172d70deac805cf83cbcadf0e241322864276056194b2e2c8cf4ce75b41ad0fb8bfd34a67b2f74b2d8ff39ae0b3906a1f438286d6d0f44bd2da47a4cb3a17c788402ddef68f8f6e954c07f74a52d9e10f8b19428ef5045ef632aa874157d625faa7fb5c24d00f5ec2ea7b27f39a1103571be0f643678e2a6a8e5343a4f2e6f196a3c30408f854ddcf535f51ffc1f96db607fa0aab2f790e11c6d8df8c3c1f7347b4d8900d54dcab4605d7e6824854049ccde78694dff564a4f32b7458405e2d4c57e2c977be9c76ba4b7cfd7823ebf471bba7241902ffdd964937877cc8f0a60623403fc71a240aa56c66f081d6d3216ac66c0d135f936bfac9e4965f1078dafc10ab59020761bba6a4743b42ec391f20aaaddfbdea977ddfcbd14ac0604b1a56a9cf102474df380859d76208ac52dec6e123114d485665f2f6c2e850991e0d9c9464bfa872486ba71307cdb8c8c59fa20206834cd3584f953a3d79e0677ac51a42578f964a983b14c0148a2c0f2b7bddcd5b4075e29629fc3d7899df73e2a08408fd5ea2c5e3a85a63b71df97ad719cb5ddc92920861ef171d6b4785f61a63c60e176344f1148de388a1fee25b56324cf46fd25acce13b600f555fadf8d0f1cb98a2714705f266301d4b67e4890eb23984307ecbd709dd54093ca0b814a269f5dcd5fc0a2825e2000aec7e5e0a676c5021106956a42db2ebc4c4ebc9c6d432f8194e69ef94fff362880591ac7d77e5842f34d88a6f1eee356a81883dca2f96b1bd06b28aa3a0e994b45087a52d25b544319e2b4126573d55b46fe1083e6a14dfdb3ce77478bb8ea8ff724ec5bad6f52ac58fa998ead0f85c3e8bb01737cdd6127910f04b52a3dc1b5f1a4b9ef38900079147b924492c600a60a76fccd91fe43ab117c3f26c2dc4b9efd8584c6fdd01e4068ed32f9611b683a107825811425f59f93cd3212276f73c1e14b69a5ed72aefdf51a558484f0abf8e0fe355b98050d9475194a2692ba326dc36", 0x1000}, {&(0x7f00000002c0)="fb270dac8ee5d8d62f5df58360f059cb7aa556fd88397720b4d931b35b3b62b1815970f0e6812b833636a8d9ea79bb7d7eae2129b11ebe325074b8c2aa47341ecb7100e09fe249e5f8a3e78dfc5dd20baac43d66f9ac9726e5d839b168faac28bfa05258e220b489803633cc3bcd4f96d42cd8857065466531fda9bba5f1b8dc5fd5da4ce94f4707e4b5588c96d25e3d94d205d61e91b1f9a6769dd079cd9c5157ee81bf59cedae2cf82a8eca9daace90edfa9d7a16b2d038135b9e2c2b01b", 0xbf}, {&(0x7f0000000440)="c55ec3640b49d120ba7cd729f16b7c799548c636457802b9c98b6fbf4b1eb1e4625f7c89a67a720b327998f51d1424f26c466fe8f0f18463cbd3183cf381345e1e3588c676399327e19e7516bbdc5f7f300a0a31abbc7f89c0aca15a6a31e44602328f1b41d80fcbf79dfbe0327c14476887532a723f111abf4ad7ccd411afcaa391fb0beb9f6eb1830d22584004109709a252e7e83b4c28c132f5e1e7e0bee4486de5c583a10439e27652200e4f92b47c2755ec48da6c81411f4a9ad8b603244de9eec70973171cc26ea76fb88d0f58ee28b5d8e346fb463d5d1e434fd623180239afa900", 0xe5}, {&(0x7f0000000780)="e11f59b798cce709ab8871e3717acc6336f8734f08d19f53104703e2928440d7e929c3cbee863398c1024538ddc6d8791f2cca9de3c860a73e24f25f2116705ef7553b86f719f5c35e7350c8db4a568d6b4cc537e9a7152c83b30093311d528fc37343e51612656f1035f87b32a3fd4c17baf7c28599dd4386bede3ac8bd72022ac82ffa6cad913d3f3e05b03eb7d04cea0b53953f09a60327b92dac73c24ad0a8ce2e2d8555628912f5259e751643948dba561c173c2c1d4398882bbd179941ab22224fac618514e1d1a65ce5387b35ec3db2b4d190a902a463a8", 0xdb}], 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="1000000000000000010000e0000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x50, 0x4000004}, {&(0x7f0000000640)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000880)="8b3e977c5de1de040e7363b2d8bcaab17fbfa15b80d03b4f6f74a0919b8dee46287c47afdb828c09752652cce6b6cd0fb95f82e42d115432e5b7d3c0b46ff58557d3ae5b9e31861e2f91e7ca3dbc63e2b6d4678140353508cc3bd283c288f317d2d5f1af68d7773c8caaa145205bf3d7efa8c698095348a71e6bcb00", 0x7c}, {&(0x7f0000000fc0)="d69efb4752ea18ae81ac1b097d6ec1007432fab2a6d5b86baa9a02f880c390750f3995557848c9b49a45ba1d0bc9c1595a2a767eda035ac2a139d8d9d1159f9bcf2223ae67ccbcbf2b6e6fb35f2772a0b2fd420f596aec15862b246a3b2b51d3769d9459da64215d0a53865ce03c4e7f016c1cb4135d3fcb2c0b1b735e16594a94d745f1d14a20d4c375f72f33ac472ff6dfc56fc3430a892e433638af75923a7a83c39b86786f1a4e4dd58d9f87a566242d2d4d9f3487e805605e4350cc7904f242c1eed32c7cf1a53895edc796fbffffff56527e31f2174083d6c5cd8e642b7e41f40f6cbc94190079f9282897991390309816cbe7c2", 0xf7}, {&(0x7f0000000a00)="b9338f8a5d7025a1b331e5fbdeb52f34d78060ee6121c796396f54df9eb50d1d960e3d12c1b413607092a3f16c4a352f102c94a41ba58d39c1c5c48a0da1bded56eeea4003bc94d55dab4bba93f43062e699966b8868924c04e81dd99a4cbd6f9d9a73033194a0ed749e8f5988d1ed273223a7802977fce58b59428c854f6ccb883be81e77b98909abf1d6a3f11039d6f05478a99e548e488a900535abf7709bbc3cc293b7f5d12280cbe8f1d8ad9f3d8c4d965f4d", 0xb5}, {&(0x7f0000000ac0)="09b8063ecda6a5d1c69a2deb896d776edb495402925ebd788208462b32c4e1a021d4a9063a375a7ebe7a268e9d871bb2cbd2b05f0ff626b4e6889d893816aa3ee34f8f3df8e38874198ac3b5", 0x4c}], 0x4, &(0x7f0000000b40)=ANY=[@ANYBLOB="865409d78200"/16], 0x10}, {&(0x7f0000000b80)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000c00)}, {&(0x7f0000000c40)="1a9ad05a44ad", 0x6}, {&(0x7f0000000c80)="5dec80351af2899a32ac5350260229044d3e9537d30305301b15a974679f3f4ff038fea693c0fd8ab20e6cd67fb5bd3898b912c07b615cf8968ab771f98f82104c2985233d5b803edbe55dd42f0248bfca075bafeb3590b794573c8259bd4168e08d23d9b2a0af9ddb4ae914eab6ad79f1be5a1a246b", 0x76}, {&(0x7f0000000d00)="725abac81fe45d2ea04de086c76b8f04799dac67b7f645e7b9a88432e8cc2406ef97daeba91d1395a9214fd1aa804333f90c45b665fec08413600058e66e1cb5924e849a0ca6db8b3f91d498d223c1c5d7069f38871220c0eaf645abcf8b5bd3993def0149d4a56028d14af209abd5b05c80ce42feb0", 0x76}, {&(0x7f0000002640)="165f0b13e9e4ace205447f882af22a44043a6ed93d44e2521e15f9eeeac2467b8c59c9efdad3c7f850a403fdc31117d3a3cf9d6dd8523504ba1adec38ebfbebd503dfe452e11c878106f0631f18d4aa0e926a6636070589bb9b30c28bd2061ff95075b42c73f42fdde99ff728d367164a10c057865256772efbe52850775863fd4b95cab0e3fdaacef53e93bc9f9d6808068f5989da6c940b3c1622ad8f5ddc209f0aa95f6d59b9c0b556803fba10d80bcb3adf3c08905284eef855df24fb6a071bb4361e593dcba22b5cd46b7d1fce9ff82221af25935874b80b0d1da906838b72d162ed44dcb9fff333f61dfa2adf599405aa164196dfb6040a8c1b045fd854523d2e887b923c2fca57ebb50b1421c5d04b6267977a0de04df4640b07554c37e534cd52351aafcd8d3635e017b2e8c8eba34fc15c246eac7720e0d20d2b3f68698f57b0734610a9230ed15bc646b8ea3a5b4968dae0d6cc0f7cd988edced4220866cad7efa41b3df673b1f9e1b0de134affae4dcf9eb964d049b2877db75069c740f0ba8803a11e6565e91d4f7ae84e5687a5935c14d47826e08a60c62b3e840fcca5191343181b1ad50e43a251e63e5464c2bd4d2baf8713a58b1c3c6a86930a7e83eaa55e041aaa8acc7c5d3ddda79245cf3685aa88787008849bfa890570423eec59d69cb9042149f942e0830b5183df481bdd9c7694c67ea36a7c65c557acc2827c56b0804d64beac6d545ef1fd516ce532cbbb22f08b20b7d7cd4c5a21cb5eb24432e0aef639febed1b3bb4e59717266f97e929b19c105b757fc16624d23a8ac057e85b84d9c9bbe3b380fa854078a1a150b890e2d8d42e9e7c815b81edafb99d7a3a9112b13f7ff78ab921f27c8e60a9f1604d60c8d95525e1e596993bfe9ed4b8a4f23c3a50015e398fae18d539e2e75ddd84f52cc519ec5093b5ffc1e4ada86afe3a5db689a0f93357029d0fe7602ac2eacfeb35bdd50e059c24b36a4188136a17cf999270ace5e8342a4a75351f4d6312c7cf00fc2db33c4c12b194d5cf6b32430698da713b5243962911bffabb8c6c67a97f52a43e788a0bcb39a6c3d3ea565875d2beb46be6d7b446180927bfe9b0cb9357f35ca8dc158ce560db1878b3e60875d5e5d5f9c24e79bec4253fd0de7e78b6556f1470c57d84746b13ae45fbbd638929e4dc723a182cb700652cdbefd9c4e4bbc4828b6c28b00640a81260295b737b8d8756907e50be9db886a4d532151b1995f2f77f306cdf7ca045c86484fb9c5d26332b3757a11072255470fab397ff8eb9ae495e2130ed8535b0cbb4e91cbfe7172519dad651bb2258a4767a3b57786afa5584212ed6209922237b94de25039daf5270dd742a137e59636525650c56ad1d9d2d9924c05d3ac6bf8541c7cd9e24ae265e8d02abebd0f8190e2e052d808a8906e21848b4f67e6a0d894b4dc09de85a2ca389789ea86fb080f2eea7bc1151e60c17662eac801d77bff1666a3e910d3dffa0236eb0f3675e84380be00e8f8ffdd56d1fb96bded0c3e714056e474909f8690fa99eceae3a8ca9072f02d484ccd590cf121a00748231cc8e54a15ae1c9bb07ae4860b117cfdb5776658ce40ea3834092d30d531561b96e72c819611f0a7c34dee59b6c21c514b76c37fc6d244dfa378ea1b61807354460de30529bf38367836a2c11a22b72c5ae526d05a2aca1c0ec54b85657ac3d10075d14f576e88b1b3ad57bace8f81215b08425863e72636688a796be59c1adb957013ade09ff92e86d9f8bd3b36f761000a16d9ea5529350733f4add9660eb92ddc7b7990367dd4112a6dc4c9fb7948e516db30e3790881d1702b28f14c35cd9f1080559be8caae357b9fc4e62d7ca93adde3fca7d05600d392d5460bbc3a4fb3454a33e2315276a6f11bf624f95ef8fbda3a071d5f1c95b9da78833aa99e8e04f7cf2865b49568b8afbb6eace478c8b588c77046cee39bc17b08b5eed9778abf4cf2a4c955ae488583955228612d986f93e51479117747a91a4a4631fe08dd8c3fc67f55ff74e31d6aac8bae2cf079a713bcd091680af48e90ed655c2a86c1bd70e7bc8791d3a28167cd30814f565c4b4dd9029118f7e7e13ba05e88c659858dd150820229c999691c0fe37cfcce7012a52b4d1de97b94132ccc1bcc138a526dcb58b895d8d69b9694d169b99b8b9900857030f126e6133c534d5b36c38d9b709e64bd812d43fda8ef576dca2921cbf3f176e12af6ca94811f1ddbdac9d9e8a18eea50d68a1b3866bc730ff4c8bbbbe09635ad0beae9e2d4c87597459cefffd1909f0600fbe4bf6fe262026dc194a68d23e23af98ac3063a2f129636aecbe4b7dbff6b695792c395c3b1f3b5154f6fde300b038db2458b9f677f2c10057d6c19afeac99909a10de8a3a437311596c37e0f2ff3c792bccdf01e9c4c82e6500d429c5dd27eae03bb6f7316e886d9283c3913d9b5fd71ca17abbea8a261d75afd3377df6f1481b0cb25cf955710a517a4fc5151176457096d0253376173f041047df5aa450c462ff3cac5edd63e733fd537949ba2d36ff4d560d22a36e47d7c8c1ee1c4d79f79e8a9b0841e1bdab7f4d8a3b2e6d8a4b753ac88224b3d09e504c74c179f67711425417e79cc4902d22ae9e2b858d4a60fbf126c6b5a5c660371e9885c1fd5d389cefb1d429d3f82bed5c516bcc1828f097dc63f8b0b534e939f33c70d797e23b4290881c9f3f8c3a357f6c2abd8974bcf6866666b19cdafef6502a51873ed34d028ec7cbb5da4256f0e794653a6f828a5af6ad86126eee0cf939bcb3d2795a85d0b757dbb7d39310bbf05960a1ca4a16249c526682905c1fe53d7893bc8930b9bba5f9b3100c1039f7fca81288c48809bd969d57005c745298293d4c2d0a706d93a16d7aeded59e7479f8283ad63bbd073aae94a83b49f0c534ed562f412344b702764d2e02ab863ac9b7d9e7e465e08761d9e550d2a6d2243d82ba0444f9026e40ccc88815c839c855176c6754bd40fca8486e3a95985c8d3498a54b60fead8cab45b74dc503f7f1ac727f089d010cc99cfb5e6a9dd403105a56638b7a52afd30726a586f8c58c706f93353dfe9474ee48ba179fa5dec2ad9bf985acfcaf115707df22d97b0e966bab45a8eab58fc82ec30db4f252a341055ed009e569b7f40d650f4d4a6394b0757620bfad7821107b6335a48051a3e7fcf076e18575760c4425df98e85bee1b115e2207843f4655512759b71a6d10d680fb896a6bf2155231a9c21d89a736ecebecf09304b69849c3a73a3563fb61cbee81bc84760d54e9b0b2aa11bb90b21319017e013fd53e951eceae34f5d07472d1280d2fa95708e7a14287997ab7f34be9c939d40b1ba9400bdb43200ff999b87accc31d16ac60f370f0630e5c10d41b9c626c2d30fe445ea2520c17d174b981647dbb5443d02c8ae5735d7f6c76789c07e90e194a541f0a038f9f58e0c3f2ba8147abaac4a57fa89a2fc733e3e8a8b0ed878eb1de71a2aed069643a7d35d112084523a1b8b099098719d0505231e55226da758cdb67e8c171c3a49a48ada2384fb93d3e392babd54973f50f988915573ff3b312ba2cb13574ba8c4aa2b60bdd7014034a7b6174267e4d940514be828fd4fa41dd11641abaf19c8223447888068077b83dca9a6ef5453914e5a29d2c6d8af427c6912aaeb72385e9024ab152b066f08aa9c9c2e0da5f6e59ef35b6e403f2aba925abf1e7a4c10b27f7af41fd1cde8dadfca4b212828a12a2f1fee5980e3272f4fde34259783e2f850b399611995089c88b6e6432fb51189f3a2a7cfae45b1c47a348a9b0a3eccf58be5203589cc98aa3026e43568d4ad058176eb90dbb0fa8b4030f81f66c50d29df1c97c4535e5862cca12cd2f2f4a2620b20f812dc2ce8ab42c3ec9bd629672683aee2644f5bc7d3df0f72e07bbc898693b831e2a2297d2ee7b2ccd908a2df38b84a5774bb2e33979601f593e183d43dd65b5b14c6778c5bcedf00b3992f98bf29657b80f97deb4f42736d958282000e9cc86d9290d8ca13765b5ebbada588add95374675295df1d5bd3c1736e2ed031ed16e28cc640e98f80ed9102841f1a925744c569d650f7c161517c144294e8318b1aee63ed909df20a2b34cfbe629b44806ed50a1769feef76b0b483c1a3ad841309bfba92aaace9af860acf941ba0f5d950a9effdc0c584bf10a519151f67458d366455f4266036ebe2e178352589df05810f8617887d2c5cabf6085675cb3e0ea029d87e19851a36db8572bc181464df226b902824079eef80c5b44a2d5f3e1d4b166b24ceeba96885516281b4b57e15a0f75c8bb6a437db3109c763ab9e5276f6d5e28393a71eb57d1c2081e71a18e4a9b86d354acac6775ae9904b0bcc9dc44c83d1a26624441cf8f2f9ac9ebc49b326a391168c6b9df608151c0f45e4d8a761e5cadb52d01048fd9fd4cabad694dc18779f64c7811d373704d46968f95be4a32ded6725f41592779228c45c5d0a65d2a36fcbf50b21cfb3d2232312f3ea9fa9419ce2c7ab7a59895b9ff6f9023ea8be1eeac102b257854cb518748b013ee834beea2e277b57df7e2e1f6526d2e7c081553622dc004001360309a0d74fb8fff3da90693fb7cd0b91d18e8b386e1bf2a801436d86b60dd11c1eb427cea2070687f21ad6dae982d3791cd0f31623ea233d80a038bd781ccf4cbab9372eb937f50030d30d8642e567d3506f8c70d57e6e0ebb2841dbf673c0e2500e15234a2538ddbc95991df60d8a63f5bfbab332504ca7b0d32c6a3904538ed96eb536254f02e40945bb94ba534fc3e21ebfee7d9d23ffd6a1f80eea66123e9180589ef7adef382d3d17f02350fc37ea9e03022723c06023266b52743689ff0d14aac46afad3d36433479609827c2d6e7fc9acbfcd3d14119331c2e5064e1afccacdc62bef558b4be52baa913245174e39388f1e5883ae9e943a26e8dda95b9271b44d585d01aee443c7c0cf0b6b3505c26b3b1ccf27d5fef2f9682f2e7dbf14923139bd8125b16294ed1a6f6594dbecb3d0c8c37b58af76f0db9c5ea892789232f05a5cb021889374c698f463feb0c4f0dfc00ebfb90587485b8ab29e905edca6e557afe41f98e63942c6f62d4f45540d272a872948a46ee5baa1bce58d501840ec19f24f9b6213d5a11813a189a5f15a226bb53bf0fa4194fc5fcb9684598b45c95d41f494f8e159359f2da0e42e5e126872b6dc57a8a66288e1b79aaae6c836a9cfa0ec6f4432c58c9096912f7cf9bab3660e1d2076647abfb333ff8a914a7ec4ad84672f23deece602d32d03eeefc684a45b0808cc2bb0adacc7c96a4aebb8a132ea03fbb09c05b92f3b7b553b8356cd1158be2fa41db038d3e19ebf3d5829d45f26bb796871e1b9a5e388b7d85f0a8b33786540449b23969f72f5b249f4613fd106acb01699a51856f33e27c197f858c2421c3277bfb551c7d9f59902ba65c82f790db39395f1871357be2f61ec67df5373a18c21dc54bff8d4c7496efa7cdcc9328db03abf44bfa3238f5fa9200b571004168d1b024b921935e3ee445f2989dca3aa3c20cd4f1a3e44336ad4c817b69edcaf024f2123352b13ed82353d7435b298efb9133e3f807eee41fea0a582e9db1fec9420175e2fc594ea2008eaaef0d8b611022abc1f0f7a0683c36caf096c424ba86605c4d7fbd069e56c956f47657b524a40350a42a0d0fcc40154e8eebac955ab631fd607572e65c57b62502d1b370c2b9193d8644642555dcc2dbd21d5942d63cf8afca3a39eab31a3", 0x1000}], 0x5, &(0x7f0000000380), 0x0, 0x40000}], 0x3, 0x20008000)
write(r1, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x7fffffff, 0x1, 0x2, 0x4, 0xfffe, 0x1}, 0x20)

00:24:56 executing program 2:
set_mempolicy(0x1, &(0x7f0000000180)=0xdd, 0x3f)
r0 = syz_io_uring_setup(0x6ad4, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x2b66, 0x0, 0x0, 0x0, 0x5e)

00:24:56 executing program 0:
unshare(0x24020400)
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
lseek(r0, 0x1000000000000003, 0x0)

[  312.848160][ T1033]  loop2: p2 < > p3 p4
[  312.852973][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  312.862884][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  312.869078][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:56 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

00:24:56 executing program 5:
mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00')
chroot(&(0x7f0000000740)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
creat(&(0x7f0000000000)='./file0\x00', 0x0)

00:24:56 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040))
epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000000c0)={0x40000009})

00:24:56 executing program 3:
rt_sigaction(0xd, &(0x7f0000000000)={&(0x7f00000000c0)="c42271bba30945c4930f72d106c4c27d13b20000000036c7f80b000000c4417d70b8930000003cc4637d192553000000eec483b121e700c442f9aaf0c4c110562ec402b1b824c290", 0x1, 0x0}, 0x0, 0x8, &(0x7f0000000400))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
shutdown(r1, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c}}], 0x20}, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000001580)=<r2=>0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = fork()
r5 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r6)
sendmsg$netlink(r3, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0x0, r6}}}], 0x20}, 0x0)
r7 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70}, r7, 0x0, 0xffffffffffffffff, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000080)={<r9=>0x0, <r10=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r10)
mq_open(&(0x7f00000015c0)='{\x00', 0x40, 0x10, &(0x7f0000001600)={0x9, 0x1, 0x5, 0x1})
sendmmsg$unix(r0, &(0x7f0000000f00)=[{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000900)=[{&(0x7f0000000200)="a18d45a38cd25c504f0ea2315c5627f29679ffcb517b9ac97760d96b922a47be32af64d7ab0cdc327b2f49a4dbff1606939d751aecaacb07ceab4d30c50f6f9be06aedc1767f1382867ab0ca8c16152cf0ca990e15933fd8b1d817de05c5a94461d463cac3f43cdeaf8804fd9aafde394f30635684cf141a9893dbb8fe05759bf6be20515df123565b729024b8ab1ed5eadf03d33115cb68de366bcde7ed6e46f5b204ac17be4d660d4d743c765d3c3e7ba72a329deede80", 0xb8}, {&(0x7f0000001640)="0eccc951a9c67ac8e3631487b4bddc1100a745738fdac42a9a04da9dbe655be16bb0b9301338725517fb75eee20f4c3718de34dc08cf8be7331ee294134992973fc16efb6bed504ceafd9bc72304918ae68babe439f143186d9982ed5e85decbb01ac3f70e7890cd7044c347282a39f5b32f6e8c1a8af0833f3462527fb84dea4a0503d4a46cdcf1d05939509a140592b675f19bea3a2d765432468258d9ff119b4a8cfa1c22e0dc33c8da60e377628f303e534a692b891675210ad58339aeeedfa016877a8d6ff54dbea7b7af9d39d961181529d0de55bd7724dedb1a8419476c182e9855b106d28e600c0791249f9cc1b070c272a7a2e8a552c51d8e307a688a3a3930637acf152d0ee46e2cc32a47cfb246384a2b3cd3f368eb6d85ce316f91c14d445df9a38c225e4f93fbe89d717d0c5dae2f7e47231a07a66684f810feac1a20166850c9c341ff78e7b716e3220c92e2ace8fe98be8a835e84fd0f41fcefd5bab09a3c90307d15097f2f26ea3bf88ef076330ec2f8bc1e68a6aef93ad47b17ab81bee502a0daecb30bb294aa9d83b4f89c250e02b918bcb5e014f2b7fcf4439eaa3d7880d002268e97d2677b306df1717e919521ac2daf62a3d84351cd215b86117c199060c282fd3d51b28253cadeb61c1b180389e2f78aaf855aeb699e7088b1093bcc1634f63861629534e3d3832e5a881f4b15e8219fe4b96a3c7da28659b424470a6cab998fa3cd163577033a19738094dd2699fc22fe06bf9ee345d527e12f094c8e30e48c41c9f75e56273ce0222f3dfc76be372ab77132546a586a7aa4a3e183f33bd9540c73d26c4d740a575e920f7afc6030ddf877ddcff1eed6e38b7262c77c229e0a1341da2042a434484a8a5f672b3558b3c7e58b0856ecb1bf03afa563d9f4320c4bb6fb3153b3aff3b45049cc35bfbc80c654452cea5ef2b0648a765aedb7b484d8e4a57c9d879f27d79b8191ee6a8414ec1cb1322c4b31e880f7226391f0f1f68bce123905fd90e8a09c6d9dcf9525d47df59f9dcc59cdb35b88f70ad3e21b4824c38beda1de900c73eb37b120487a79913b62a6cf2d5f7d4a7c69fc7eddc282825c1bf96cbcf5d1c3e0ae5e808eb66f13dc7c05141819c19301ef892be441b4d29b409900fc5bfef8bf84c6c4b20fc0a7c5e23fcb6f55d435d436108ad6ca3fbcdb10ce151ac92ded4c45ca284600f6e33ced3af788ae3abbd96225a80a459e0abca2259ea4350e2eb6af35bae40d0c90e17349b103f179a5432eec898a84ebaeb082fc85634a60ee82f6c97de09a989143c6f9dd6ed4c65c041a0c0e3537a338dd3867397c419e98632234e570153882e725a26c72414fc2132cb20e037304441307ed2bbb3ba71b8eb91a20af5997a48508e6b51ca911a7859e0d77bc48308712a03c21805269d96a8bb1239097fc5c177b88e1e57d3a49eb6b08b446d7114bf8b79214c19fde0ee09d15292d40665ac6ade91ac842064ddc710f20028cf3c0c55ed0cff3ce36ddac04796c226ef03a2c87aa3871840c08338b9afabbea71223cfac5124e9db05d551f4bf8ab76aff826178e709c747e523556b275c1d6a4c4fa71653d31a121bb4fb789bfa52d44a5c95b856a73cb163e37033d669f714fd58840ca71ede314a9e33fa4aac0b43b5ce004ed55f0ddef03d005e9045635a60c63b0136ee7c532596b7f166d3e132f1b15ac29560f60cc11fa2a9e56837b287a5c086847a1bb8cda227a57e767b63beacf1c5dd9dc7b3f57c0f1920e53bca44da0b65c9a64105d61f152d3cc333d0f84cd3e8b9b1331b6f34fc57968d81570e00294190f810c54d6cb7c5972385bc42efd2ae3de45a920d530442f051a24cb346c00b2e7aab1e3a2bb7940a445d709e85f632b299ca62abed4b7d85b886b92b4c6192888c87df7f73fe4abe375347bac84e3caf372cbe82cc6519e28bb2ef80b141f844b656d385e0093d7412b31e98040ff867d56f33522abd8e26d0059ffe0e5635c81c572c4d6c2fec7f0755f1814b7c70b39c6c219e8dff3ca7b75ff70166dae1a081e1dcb3b499a2d30054d19e3fa9ea89c1c22800cbc912721b3dc1decbd3a4bcd8b1e8e83c02fe583648f0b0aeea5b96b391b61cf090e04e16b5264ec6dcba1c0233d69c24d896f73a8ec4de8149994ca6e2b6c627cfe610903d775ecbd357708dcb1c91a1683aae97d11975806a5008c51d1cf68027d8b5de63d9fd835ea559f1aedc4af8f4b64df5fb2c9503d53b5cf90bb586941c8f1fded765e1b899c84ac7c067f954a86da69f384c7aa2f4efb0d0503c7e2634898f2bb8780746317f78c9350dac8cadb7bcb692189bfb8fe394d8d6cbb14d00fb4d9cd1ff1afdf11cf794c8dd0e127244505dcf1942c678f9bcd06d17af7625cf982dae782540f7dd959d6761f6e072beb76f124f8972efc1fb67c9c700192fc10ef06a91113555fdbd93d3edecfc34550cc4ef781e74843a5bf99a25cc686fd9684f5b365934ab817a74f4ec4440fadb8c495a6af45f15a20919e13413ac8378ec6a94ff8b09928087c90a185d8e1936b9f1c33f28a98e78b8768a8c2c345b5da2e64a68bf3606eeca247ddacf1e35964f21322286ef492c3321a594485a02159b89b0400690799ed1adfed1d49bc1595243afcfa2b5a143797dd32facf5ac3eeb27e6365ca3e485e7c1a5ad9925fbdbad14e7fb57d9e47f63d35b4260b0dfae196f03456f5bf6be5e4fe700f768e10b4fab0d70851120a3b6b20774ba5980080cd706ea55b459018634afdc9badc0e406eb756930738da714c25bfa3e6c0a554a7a4ea2f0db6b3478524b5fb7195693d3c20ef295213dbdc32cd726189a8a5b351264ed8664aa4c56a315d781ec44dee0be40dc81c5a55f2dd6a6936a437d9292dc406bd1df40b623faf6a4e8ad5f6679314c232f34e41c4249f11ad416908b41f7c391fb0c5e4b517a6f72c83f32a393ebe70b07a9919da26bda8adb500e73bcf45780e963a9553e770841c920f109502a4e9ed15029b645c454b4f9a471d1e98fbafe8b860d21c1349a64d105205ad6cc415bb6c6f3fd4b04eeac2dc0fea1aa10fed58ea68f4e6102bfa63b55672d94049b9859349753a75a056da503f7f0da1700ef391ed97b6b771a00c962c736973523819d5aa419e1e6611e02c027401fbf538caf71f2f66059dff886ec13b71bdc92da9e80bf000d4f2dfc9cb8149420a5b129e0864e25528bf9e5488aeedaa8f43bb7a3ff6e571cb3cac55db7bbdd0c9f36662d89a34afc95489d73ecf234f1b52bd9dec1913c2dfdc1f6be187e6e56d3c25d688522a1b02637de07086bad50317fe2167f36ba34eba02bdb28089af2ef22304fa33b0c12a7481edbc63b8acd176f4bdfff05b27f1fab1bfe4c99dd73f519d9a863d0b17f5fdcb23302db3bd3acbee3a819fec5985bc0c6a92c62d33121250091cdb5ce11c8efadca53673dd2ec3385c4c7d2b27016a6f8004d7af2a754449228c2d378f1963bda09666d4a4479d6b3a4da6252f93ea6c6f675a1a26e7d7b802571e09bdb87840a33feabd464f7baab6693e156c9cb9c30b9568a3d162f11f236953f0d5fe45015658dc3544f3e16364b0129f4e76a00b44ed882fbb1afee816c0d00e49bcc9056731e9bb2b871f866e9ab20b80d588f86f97e423cbf40581ca549f6099e694d791004ac422065c6678e9632f5de874c4078915390cfc52ef656c0cb9d6d5ac322181006e95933cba3f5e50258e2b93ab2624958ce671d73312b10b539bd65c493c94da3131eb018490e9c80230b706ab0c8d39e1d23974eb9eff655404ff7ce88f5ebdff6cf182c2caa336b6829ec53bafdc8c714322a7d2ce97e2d013978586028f146db1ce5e315e25279293d565b258e7b3846ca0f686239b1fc2387839377cc26c0886eafd93247296f3b90ba33b1cb32a055f553cd3951e5e252597961c79610741e31a1b77b36cde8d6675551f5296d8ead7b502d4f55248c956c017aca27061f2a30d5217bec0016e2cb0cea93269a6eab721c0ea7e8dca19101ed5106631d356e19421af69d6459f358bc65ea3124a8dcf7e19fb6fddccb9581d86c94cb676c0c94fb7cd2f5b527d841281020d9d3ed13789fa9f92da9300eee3b56beaf547e5a7392e75202bc5ce3377f6c72ac37ac09e6e11d80ce313e3049334e61b93470fe5e9379653926b08a2be02399b10e86c2e5e1586bdfd54f7e0f720b2f812953842b91764d2bef309c20e48446acc2debac036cf8b89c303f8791a089e3859b70bf388e3007c2887948f484a4ca43f0a01a993a07afffcf780f48067fe052260733228d991f124a852690071621511031b628643d03e0a46ea7c933f5b5b86a7d3274213c229b77775c402c8613fd8a87da7ac5556edcc9bf27a4f171e91c27ec3932cc7654bca237b5cae1e0a5ced4a4b8d2b44518bdc61a9d7b8d1db77f478e80b1e17eac827c1a30f828cab6d5e532dac738ce8eff699b394d17e833f7586a59570f683a45e514d576db2503ce1913d9adbaf9cabf8c5fb4c84f88c775879dc6fbd489c1701271cc79573c6f31cd540c37d99c025f4b41de4ff124ba9b7e7e006a1955e50e22e32374a246d78e9f7baa1aed2916dd128ee01e5885d944fd5fd6ae87fce1809f60f68d3cad161d676daa33242c306d178c79c4dd130287425c919d5c05abe5b55217d484b55b6dc46929daf45b3101e35e1dab160aa635bec200155ac3622b7237430c7c8bdd693dd71d28fa44d8425eb0f09678a9497f051172d70deac805cf83cbcadf0e241322864276056194b2e2c8cf4ce75b41ad0fb8bfd34a67b2f74b2d8ff39ae0b3906a1f438286d6d0f44bd2da47a4cb3a17c788402ddef68f8f6e954c07f74a52d9e10f8b19428ef5045ef632aa874157d625faa7fb5c24d00f5ec2ea7b27f39a1103571be0f643678e2a6a8e5343a4f2e6f196a3c30408f854ddcf535f51ffc1f96db607fa0aab2f790e11c6d8df8c3c1f7347b4d8900d54dcab4605d7e6824854049ccde78694dff564a4f32b7458405e2d4c57e2c977be9c76ba4b7cfd7823ebf471bba7241902ffdd964937877cc8f0a60623403fc71a240aa56c66f081d6d3216ac66c0d135f936bfac9e4965f1078dafc10ab59020761bba6a4743b42ec391f20aaaddfbdea977ddfcbd14ac0604b1a56a9cf102474df380859d76208ac52dec6e123114d485665f2f6c2e850991e0d9c9464bfa872486ba71307cdb8c8c59fa20206834cd3584f953a3d79e0677ac51a42578f964a983b14c0148a2c0f2b7bddcd5b4075e29629fc3d7899df73e2a08408fd5ea2c5e3a85a63b71df97ad719cb5ddc92920861ef171d6b4785f61a63c60e176344f1148de388a1fee25b56324cf46fd25acce13b600f555fadf8d0f1cb98a2714705f266301d4b67e4890eb23984307ecbd709dd54093ca0b814a269f5dcd5fc0a2825e2000aec7e5e0a676c5021106956a42db2ebc4c4ebc9c6d432f8194e69ef94fff362880591ac7d77e5842f34d88a6f1eee356a81883dca2f96b1bd06b28aa3a0e994b45087a52d25b544319e2b4126573d55b46fe1083e6a14dfdb3ce77478bb8ea8ff724ec5bad6f52ac58fa998ead0f85c3e8bb01737cdd6127910f04b52a3dc1b5f1a4b9ef38900079147b924492c600a60a76fccd91fe43ab117c3f26c2dc4b9efd8584c6fdd01e4068ed32f9611b683a107825811425f59f93cd3212276f73c1e14b69a5ed72aefdf51a558484f0abf8e0fe355b98050d9475194a2692ba326dc36", 0x1000}, {&(0x7f00000002c0)="fb270dac8ee5d8d62f5df58360f059cb7aa556fd88397720b4d931b35b3b62b1815970f0e6812b833636a8d9ea79bb7d7eae2129b11ebe325074b8c2aa47341ecb7100e09fe249e5f8a3e78dfc5dd20baac43d66f9ac9726e5d839b168faac28bfa05258e220b489803633cc3bcd4f96d42cd8857065466531fda9bba5f1b8dc5fd5da4ce94f4707e4b5588c96d25e3d94d205d61e91b1f9a6769dd079cd9c5157ee81bf59cedae2cf82a8eca9daace90edfa9d7a16b2d038135b9e2c2b01b", 0xbf}, {&(0x7f0000000440)="c55ec3640b49d120ba7cd729f16b7c799548c636457802b9c98b6fbf4b1eb1e4625f7c89a67a720b327998f51d1424f26c466fe8f0f18463cbd3183cf381345e1e3588c676399327e19e7516bbdc5f7f300a0a31abbc7f89c0aca15a6a31e44602328f1b41d80fcbf79dfbe0327c14476887532a723f111abf4ad7ccd411afcaa391fb0beb9f6eb1830d22584004109709a252e7e83b4c28c132f5e1e7e0bee4486de5c583a10439e27652200e4f92b47c2755ec48da6c81411f4a9ad8b603244de9eec70973171cc26ea76fb88d0f58ee28b5d8e346fb463d5d1e434fd623180239afa900", 0xe5}, {&(0x7f0000000780)="e11f59b798cce709ab8871e3717acc6336f8734f08d19f53104703e2928440d7e929c3cbee863398c1024538ddc6d8791f2cca9de3c860a73e24f25f2116705ef7553b86f719f5c35e7350c8db4a568d6b4cc537e9a7152c83b30093311d528fc37343e51612656f1035f87b32a3fd4c17baf7c28599dd4386bede3ac8bd72022ac82ffa6cad913d3f3e05b03eb7d04cea0b53953f09a60327b92dac73c24ad0a8ce2e2d8555628912f5259e751643948dba561c173c2c1d4398882bbd179941ab22224fac618514e1d1a65ce5387b35ec3db2b4d190a902a463a8", 0xdb}], 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="1000000000000000010000e0000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x50, 0x4000004}, {&(0x7f0000000640)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000880)="8b3e977c5de1de040e7363b2d8bcaab17fbfa15b80d03b4f6f74a0919b8dee46287c47afdb828c09752652cce6b6cd0fb95f82e42d115432e5b7d3c0b46ff58557d3ae5b9e31861e2f91e7ca3dbc63e2b6d4678140353508cc3bd283c288f317d2d5f1af68d7773c8caaa145205bf3d7efa8c698095348a71e6bcb00", 0x7c}, {&(0x7f0000000fc0)="d69efb4752ea18ae81ac1b097d6ec1007432fab2a6d5b86baa9a02f880c390750f3995557848c9b49a45ba1d0bc9c1595a2a767eda035ac2a139d8d9d1159f9bcf2223ae67ccbcbf2b6e6fb35f2772a0b2fd420f596aec15862b246a3b2b51d3769d9459da64215d0a53865ce03c4e7f016c1cb4135d3fcb2c0b1b735e16594a94d745f1d14a20d4c375f72f33ac472ff6dfc56fc3430a892e433638af75923a7a83c39b86786f1a4e4dd58d9f87a566242d2d4d9f3487e805605e4350cc7904f242c1eed32c7cf1a53895edc796fbffffff56527e31f2174083d6c5cd8e642b7e41f40f6cbc94190079f9282897991390309816cbe7c2", 0xf7}, {&(0x7f0000000a00)="b9338f8a5d7025a1b331e5fbdeb52f34d78060ee6121c796396f54df9eb50d1d960e3d12c1b413607092a3f16c4a352f102c94a41ba58d39c1c5c48a0da1bded56eeea4003bc94d55dab4bba93f43062e699966b8868924c04e81dd99a4cbd6f9d9a73033194a0ed749e8f5988d1ed273223a7802977fce58b59428c854f6ccb883be81e77b98909abf1d6a3f11039d6f05478a99e548e488a900535abf7709bbc3cc293b7f5d12280cbe8f1d8ad9f3d8c4d965f4d", 0xb5}, {&(0x7f0000000ac0)="09b8063ecda6a5d1c69a2deb896d776edb495402925ebd788208462b32c4e1a021d4a9063a375a7ebe7a268e9d871bb2cbd2b05f0ff626b4e6889d893816aa3ee34f8f3df8e38874198ac3b5", 0x4c}], 0x4, &(0x7f0000000b40)=ANY=[@ANYBLOB="865409d78200"/16], 0x10}, {&(0x7f0000000b80)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000c00)}, {&(0x7f0000000c40)="1a9ad05a44ad", 0x6}, {&(0x7f0000000c80)="5dec80351af2899a32ac5350260229044d3e9537d30305301b15a974679f3f4ff038fea693c0fd8ab20e6cd67fb5bd3898b912c07b615cf8968ab771f98f82104c2985233d5b803edbe55dd42f0248bfca075bafeb3590b794573c8259bd4168e08d23d9b2a0af9ddb4ae914eab6ad79f1be5a1a246b", 0x76}, {&(0x7f0000000d00)="725abac81fe45d2ea04de086c76b8f04799dac67b7f645e7b9a88432e8cc2406ef97daeba91d1395a9214fd1aa804333f90c45b665fec08413600058e66e1cb5924e849a0ca6db8b3f91d498d223c1c5d7069f38871220c0eaf645abcf8b5bd3993def0149d4a56028d14af209abd5b05c80ce42feb0", 0x76}, {&(0x7f0000002640)="165f0b13e9e4ace205447f882af22a44043a6ed93d44e2521e15f9eeeac2467b8c59c9efdad3c7f850a403fdc31117d3a3cf9d6dd8523504ba1adec38ebfbebd503dfe452e11c878106f0631f18d4aa0e926a6636070589bb9b30c28bd2061ff95075b42c73f42fdde99ff728d367164a10c057865256772efbe52850775863fd4b95cab0e3fdaacef53e93bc9f9d6808068f5989da6c940b3c1622ad8f5ddc209f0aa95f6d59b9c0b556803fba10d80bcb3adf3c08905284eef855df24fb6a071bb4361e593dcba22b5cd46b7d1fce9ff82221af25935874b80b0d1da906838b72d162ed44dcb9fff333f61dfa2adf599405aa164196dfb6040a8c1b045fd854523d2e887b923c2fca57ebb50b1421c5d04b6267977a0de04df4640b07554c37e534cd52351aafcd8d3635e017b2e8c8eba34fc15c246eac7720e0d20d2b3f68698f57b0734610a9230ed15bc646b8ea3a5b4968dae0d6cc0f7cd988edced4220866cad7efa41b3df673b1f9e1b0de134affae4dcf9eb964d049b2877db75069c740f0ba8803a11e6565e91d4f7ae84e5687a5935c14d47826e08a60c62b3e840fcca5191343181b1ad50e43a251e63e5464c2bd4d2baf8713a58b1c3c6a86930a7e83eaa55e041aaa8acc7c5d3ddda79245cf3685aa88787008849bfa890570423eec59d69cb9042149f942e0830b5183df481bdd9c7694c67ea36a7c65c557acc2827c56b0804d64beac6d545ef1fd516ce532cbbb22f08b20b7d7cd4c5a21cb5eb24432e0aef639febed1b3bb4e59717266f97e929b19c105b757fc16624d23a8ac057e85b84d9c9bbe3b380fa854078a1a150b890e2d8d42e9e7c815b81edafb99d7a3a9112b13f7ff78ab921f27c8e60a9f1604d60c8d95525e1e596993bfe9ed4b8a4f23c3a50015e398fae18d539e2e75ddd84f52cc519ec5093b5ffc1e4ada86afe3a5db689a0f93357029d0fe7602ac2eacfeb35bdd50e059c24b36a4188136a17cf999270ace5e8342a4a75351f4d6312c7cf00fc2db33c4c12b194d5cf6b32430698da713b5243962911bffabb8c6c67a97f52a43e788a0bcb39a6c3d3ea565875d2beb46be6d7b446180927bfe9b0cb9357f35ca8dc158ce560db1878b3e60875d5e5d5f9c24e79bec4253fd0de7e78b6556f1470c57d84746b13ae45fbbd638929e4dc723a182cb700652cdbefd9c4e4bbc4828b6c28b00640a81260295b737b8d8756907e50be9db886a4d532151b1995f2f77f306cdf7ca045c86484fb9c5d26332b3757a11072255470fab397ff8eb9ae495e2130ed8535b0cbb4e91cbfe7172519dad651bb2258a4767a3b57786afa5584212ed6209922237b94de25039daf5270dd742a137e59636525650c56ad1d9d2d9924c05d3ac6bf8541c7cd9e24ae265e8d02abebd0f8190e2e052d808a8906e21848b4f67e6a0d894b4dc09de85a2ca389789ea86fb080f2eea7bc1151e60c17662eac801d77bff1666a3e910d3dffa0236eb0f3675e84380be00e8f8ffdd56d1fb96bded0c3e714056e474909f8690fa99eceae3a8ca9072f02d484ccd590cf121a00748231cc8e54a15ae1c9bb07ae4860b117cfdb5776658ce40ea3834092d30d531561b96e72c819611f0a7c34dee59b6c21c514b76c37fc6d244dfa378ea1b61807354460de30529bf38367836a2c11a22b72c5ae526d05a2aca1c0ec54b85657ac3d10075d14f576e88b1b3ad57bace8f81215b08425863e72636688a796be59c1adb957013ade09ff92e86d9f8bd3b36f761000a16d9ea5529350733f4add9660eb92ddc7b7990367dd4112a6dc4c9fb7948e516db30e3790881d1702b28f14c35cd9f1080559be8caae357b9fc4e62d7ca93adde3fca7d05600d392d5460bbc3a4fb3454a33e2315276a6f11bf624f95ef8fbda3a071d5f1c95b9da78833aa99e8e04f7cf2865b49568b8afbb6eace478c8b588c77046cee39bc17b08b5eed9778abf4cf2a4c955ae488583955228612d986f93e51479117747a91a4a4631fe08dd8c3fc67f55ff74e31d6aac8bae2cf079a713bcd091680af48e90ed655c2a86c1bd70e7bc8791d3a28167cd30814f565c4b4dd9029118f7e7e13ba05e88c659858dd150820229c999691c0fe37cfcce7012a52b4d1de97b94132ccc1bcc138a526dcb58b895d8d69b9694d169b99b8b9900857030f126e6133c534d5b36c38d9b709e64bd812d43fda8ef576dca2921cbf3f176e12af6ca94811f1ddbdac9d9e8a18eea50d68a1b3866bc730ff4c8bbbbe09635ad0beae9e2d4c87597459cefffd1909f0600fbe4bf6fe262026dc194a68d23e23af98ac3063a2f129636aecbe4b7dbff6b695792c395c3b1f3b5154f6fde300b038db2458b9f677f2c10057d6c19afeac99909a10de8a3a437311596c37e0f2ff3c792bccdf01e9c4c82e6500d429c5dd27eae03bb6f7316e886d9283c3913d9b5fd71ca17abbea8a261d75afd3377df6f1481b0cb25cf955710a517a4fc5151176457096d0253376173f041047df5aa450c462ff3cac5edd63e733fd537949ba2d36ff4d560d22a36e47d7c8c1ee1c4d79f79e8a9b0841e1bdab7f4d8a3b2e6d8a4b753ac88224b3d09e504c74c179f67711425417e79cc4902d22ae9e2b858d4a60fbf126c6b5a5c660371e9885c1fd5d389cefb1d429d3f82bed5c516bcc1828f097dc63f8b0b534e939f33c70d797e23b4290881c9f3f8c3a357f6c2abd8974bcf6866666b19cdafef6502a51873ed34d028ec7cbb5da4256f0e794653a6f828a5af6ad86126eee0cf939bcb3d2795a85d0b757dbb7d39310bbf05960a1ca4a16249c526682905c1fe53d7893bc8930b9bba5f9b3100c1039f7fca81288c48809bd969d57005c745298293d4c2d0a706d93a16d7aeded59e7479f8283ad63bbd073aae94a83b49f0c534ed562f412344b702764d2e02ab863ac9b7d9e7e465e08761d9e550d2a6d2243d82ba0444f9026e40ccc88815c839c855176c6754bd40fca8486e3a95985c8d3498a54b60fead8cab45b74dc503f7f1ac727f089d010cc99cfb5e6a9dd403105a56638b7a52afd30726a586f8c58c706f93353dfe9474ee48ba179fa5dec2ad9bf985acfcaf115707df22d97b0e966bab45a8eab58fc82ec30db4f252a341055ed009e569b7f40d650f4d4a6394b0757620bfad7821107b6335a48051a3e7fcf076e18575760c4425df98e85bee1b115e2207843f4655512759b71a6d10d680fb896a6bf2155231a9c21d89a736ecebecf09304b69849c3a73a3563fb61cbee81bc84760d54e9b0b2aa11bb90b21319017e013fd53e951eceae34f5d07472d1280d2fa95708e7a14287997ab7f34be9c939d40b1ba9400bdb43200ff999b87accc31d16ac60f370f0630e5c10d41b9c626c2d30fe445ea2520c17d174b981647dbb5443d02c8ae5735d7f6c76789c07e90e194a541f0a038f9f58e0c3f2ba8147abaac4a57fa89a2fc733e3e8a8b0ed878eb1de71a2aed069643a7d35d112084523a1b8b099098719d0505231e55226da758cdb67e8c171c3a49a48ada2384fb93d3e392babd54973f50f988915573ff3b312ba2cb13574ba8c4aa2b60bdd7014034a7b6174267e4d940514be828fd4fa41dd11641abaf19c8223447888068077b83dca9a6ef5453914e5a29d2c6d8af427c6912aaeb72385e9024ab152b066f08aa9c9c2e0da5f6e59ef35b6e403f2aba925abf1e7a4c10b27f7af41fd1cde8dadfca4b212828a12a2f1fee5980e3272f4fde34259783e2f850b399611995089c88b6e6432fb51189f3a2a7cfae45b1c47a348a9b0a3eccf58be5203589cc98aa3026e43568d4ad058176eb90dbb0fa8b4030f81f66c50d29df1c97c4535e5862cca12cd2f2f4a2620b20f812dc2ce8ab42c3ec9bd629672683aee2644f5bc7d3df0f72e07bbc898693b831e2a2297d2ee7b2ccd908a2df38b84a5774bb2e33979601f593e183d43dd65b5b14c6778c5bcedf00b3992f98bf29657b80f97deb4f42736d958282000e9cc86d9290d8ca13765b5ebbada588add95374675295df1d5bd3c1736e2ed031ed16e28cc640e98f80ed9102841f1a925744c569d650f7c161517c144294e8318b1aee63ed909df20a2b34cfbe629b44806ed50a1769feef76b0b483c1a3ad841309bfba92aaace9af860acf941ba0f5d950a9effdc0c584bf10a519151f67458d366455f4266036ebe2e178352589df05810f8617887d2c5cabf6085675cb3e0ea029d87e19851a36db8572bc181464df226b902824079eef80c5b44a2d5f3e1d4b166b24ceeba96885516281b4b57e15a0f75c8bb6a437db3109c763ab9e5276f6d5e28393a71eb57d1c2081e71a18e4a9b86d354acac6775ae9904b0bcc9dc44c83d1a26624441cf8f2f9ac9ebc49b326a391168c6b9df608151c0f45e4d8a761e5cadb52d01048fd9fd4cabad694dc18779f64c7811d373704d46968f95be4a32ded6725f41592779228c45c5d0a65d2a36fcbf50b21cfb3d2232312f3ea9fa9419ce2c7ab7a59895b9ff6f9023ea8be1eeac102b257854cb518748b013ee834beea2e277b57df7e2e1f6526d2e7c081553622dc004001360309a0d74fb8fff3da90693fb7cd0b91d18e8b386e1bf2a801436d86b60dd11c1eb427cea2070687f21ad6dae982d3791cd0f31623ea233d80a038bd781ccf4cbab9372eb937f50030d30d8642e567d3506f8c70d57e6e0ebb2841dbf673c0e2500e15234a2538ddbc95991df60d8a63f5bfbab332504ca7b0d32c6a3904538ed96eb536254f02e40945bb94ba534fc3e21ebfee7d9d23ffd6a1f80eea66123e9180589ef7adef382d3d17f02350fc37ea9e03022723c06023266b52743689ff0d14aac46afad3d36433479609827c2d6e7fc9acbfcd3d14119331c2e5064e1afccacdc62bef558b4be52baa913245174e39388f1e5883ae9e943a26e8dda95b9271b44d585d01aee443c7c0cf0b6b3505c26b3b1ccf27d5fef2f9682f2e7dbf14923139bd8125b16294ed1a6f6594dbecb3d0c8c37b58af76f0db9c5ea892789232f05a5cb021889374c698f463feb0c4f0dfc00ebfb90587485b8ab29e905edca6e557afe41f98e63942c6f62d4f45540d272a872948a46ee5baa1bce58d501840ec19f24f9b6213d5a11813a189a5f15a226bb53bf0fa4194fc5fcb9684598b45c95d41f494f8e159359f2da0e42e5e126872b6dc57a8a66288e1b79aaae6c836a9cfa0ec6f4432c58c9096912f7cf9bab3660e1d2076647abfb333ff8a914a7ec4ad84672f23deece602d32d03eeefc684a45b0808cc2bb0adacc7c96a4aebb8a132ea03fbb09c05b92f3b7b553b8356cd1158be2fa41db038d3e19ebf3d5829d45f26bb796871e1b9a5e388b7d85f0a8b33786540449b23969f72f5b249f4613fd106acb01699a51856f33e27c197f858c2421c3277bfb551c7d9f59902ba65c82f790db39395f1871357be2f61ec67df5373a18c21dc54bff8d4c7496efa7cdcc9328db03abf44bfa3238f5fa9200b571004168d1b024b921935e3ee445f2989dca3aa3c20cd4f1a3e44336ad4c817b69edcaf024f2123352b13ed82353d7435b298efb9133e3f807eee41fea0a582e9db1fec9420175e2fc594ea2008eaaef0d8b611022abc1f0f7a0683c36caf096c424ba86605c4d7fbd069e56c956f47657b524a40350a42a0d0fcc40154e8eebac955ab631fd607572e65c57b62502d1b370c2b9193d8644642555dcc2dbd21d5942d63cf8afca3a39eab31a3", 0x1000}], 0x5, &(0x7f0000000380), 0x0, 0x40000}], 0x3, 0x20008000)
write(r1, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x7fffffff, 0x1, 0x2, 0x4, 0xfffe, 0x1}, 0x20)

00:24:56 executing program 2:
set_mempolicy(0x1, &(0x7f0000000180)=0xdd, 0x3f)
r0 = syz_io_uring_setup(0x6ad4, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x2b66, 0x0, 0x0, 0x0, 0x5e)

00:24:56 executing program 0:
unshare(0x24020400)
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
lseek(r0, 0x1000000000000003, 0x0)

[  312.909426][ T1033]  loop2: p2 < > p3 p4
[  312.913674][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  312.921394][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  312.927579][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:56 executing program 0:
unshare(0x24020400)
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
lseek(r0, 0x1000000000000003, 0x0)

00:24:56 executing program 4:
r0 = epoll_create1(0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040))
epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000000c0)={0x40000009})

00:24:56 executing program 3:
rt_sigaction(0xd, &(0x7f0000000000)={&(0x7f00000000c0)="c42271bba30945c4930f72d106c4c27d13b20000000036c7f80b000000c4417d70b8930000003cc4637d192553000000eec483b121e700c442f9aaf0c4c110562ec402b1b824c290", 0x1, 0x0}, 0x0, 0x8, &(0x7f0000000400))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
shutdown(r1, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c}}], 0x20}, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000001580)=<r2=>0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = fork()
r5 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r6)
sendmsg$netlink(r3, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0x0, r6}}}], 0x20}, 0x0)
r7 = getpgid(0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x70}, r7, 0x0, 0xffffffffffffffff, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000080)={<r9=>0x0, <r10=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r10)
mq_open(&(0x7f00000015c0)='{\x00', 0x40, 0x10, &(0x7f0000001600)={0x9, 0x1, 0x5, 0x1})
sendmmsg$unix(r0, &(0x7f0000000f00)=[{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000900)=[{&(0x7f0000000200)="a18d45a38cd25c504f0ea2315c5627f29679ffcb517b9ac97760d96b922a47be32af64d7ab0cdc327b2f49a4dbff1606939d751aecaacb07ceab4d30c50f6f9be06aedc1767f1382867ab0ca8c16152cf0ca990e15933fd8b1d817de05c5a94461d463cac3f43cdeaf8804fd9aafde394f30635684cf141a9893dbb8fe05759bf6be20515df123565b729024b8ab1ed5eadf03d33115cb68de366bcde7ed6e46f5b204ac17be4d660d4d743c765d3c3e7ba72a329deede80", 0xb8}, {&(0x7f0000001640)="0eccc951a9c67ac8e3631487b4bddc1100a745738fdac42a9a04da9dbe655be16bb0b9301338725517fb75eee20f4c3718de34dc08cf8be7331ee294134992973fc16efb6bed504ceafd9bc72304918ae68babe439f143186d9982ed5e85decbb01ac3f70e7890cd7044c347282a39f5b32f6e8c1a8af0833f3462527fb84dea4a0503d4a46cdcf1d05939509a140592b675f19bea3a2d765432468258d9ff119b4a8cfa1c22e0dc33c8da60e377628f303e534a692b891675210ad58339aeeedfa016877a8d6ff54dbea7b7af9d39d961181529d0de55bd7724dedb1a8419476c182e9855b106d28e600c0791249f9cc1b070c272a7a2e8a552c51d8e307a688a3a3930637acf152d0ee46e2cc32a47cfb246384a2b3cd3f368eb6d85ce316f91c14d445df9a38c225e4f93fbe89d717d0c5dae2f7e47231a07a66684f810feac1a20166850c9c341ff78e7b716e3220c92e2ace8fe98be8a835e84fd0f41fcefd5bab09a3c90307d15097f2f26ea3bf88ef076330ec2f8bc1e68a6aef93ad47b17ab81bee502a0daecb30bb294aa9d83b4f89c250e02b918bcb5e014f2b7fcf4439eaa3d7880d002268e97d2677b306df1717e919521ac2daf62a3d84351cd215b86117c199060c282fd3d51b28253cadeb61c1b180389e2f78aaf855aeb699e7088b1093bcc1634f63861629534e3d3832e5a881f4b15e8219fe4b96a3c7da28659b424470a6cab998fa3cd163577033a19738094dd2699fc22fe06bf9ee345d527e12f094c8e30e48c41c9f75e56273ce0222f3dfc76be372ab77132546a586a7aa4a3e183f33bd9540c73d26c4d740a575e920f7afc6030ddf877ddcff1eed6e38b7262c77c229e0a1341da2042a434484a8a5f672b3558b3c7e58b0856ecb1bf03afa563d9f4320c4bb6fb3153b3aff3b45049cc35bfbc80c654452cea5ef2b0648a765aedb7b484d8e4a57c9d879f27d79b8191ee6a8414ec1cb1322c4b31e880f7226391f0f1f68bce123905fd90e8a09c6d9dcf9525d47df59f9dcc59cdb35b88f70ad3e21b4824c38beda1de900c73eb37b120487a79913b62a6cf2d5f7d4a7c69fc7eddc282825c1bf96cbcf5d1c3e0ae5e808eb66f13dc7c05141819c19301ef892be441b4d29b409900fc5bfef8bf84c6c4b20fc0a7c5e23fcb6f55d435d436108ad6ca3fbcdb10ce151ac92ded4c45ca284600f6e33ced3af788ae3abbd96225a80a459e0abca2259ea4350e2eb6af35bae40d0c90e17349b103f179a5432eec898a84ebaeb082fc85634a60ee82f6c97de09a989143c6f9dd6ed4c65c041a0c0e3537a338dd3867397c419e98632234e570153882e725a26c72414fc2132cb20e037304441307ed2bbb3ba71b8eb91a20af5997a48508e6b51ca911a7859e0d77bc48308712a03c21805269d96a8bb1239097fc5c177b88e1e57d3a49eb6b08b446d7114bf8b79214c19fde0ee09d15292d40665ac6ade91ac842064ddc710f20028cf3c0c55ed0cff3ce36ddac04796c226ef03a2c87aa3871840c08338b9afabbea71223cfac5124e9db05d551f4bf8ab76aff826178e709c747e523556b275c1d6a4c4fa71653d31a121bb4fb789bfa52d44a5c95b856a73cb163e37033d669f714fd58840ca71ede314a9e33fa4aac0b43b5ce004ed55f0ddef03d005e9045635a60c63b0136ee7c532596b7f166d3e132f1b15ac29560f60cc11fa2a9e56837b287a5c086847a1bb8cda227a57e767b63beacf1c5dd9dc7b3f57c0f1920e53bca44da0b65c9a64105d61f152d3cc333d0f84cd3e8b9b1331b6f34fc57968d81570e00294190f810c54d6cb7c5972385bc42efd2ae3de45a920d530442f051a24cb346c00b2e7aab1e3a2bb7940a445d709e85f632b299ca62abed4b7d85b886b92b4c6192888c87df7f73fe4abe375347bac84e3caf372cbe82cc6519e28bb2ef80b141f844b656d385e0093d7412b31e98040ff867d56f33522abd8e26d0059ffe0e5635c81c572c4d6c2fec7f0755f1814b7c70b39c6c219e8dff3ca7b75ff70166dae1a081e1dcb3b499a2d30054d19e3fa9ea89c1c22800cbc912721b3dc1decbd3a4bcd8b1e8e83c02fe583648f0b0aeea5b96b391b61cf090e04e16b5264ec6dcba1c0233d69c24d896f73a8ec4de8149994ca6e2b6c627cfe610903d775ecbd357708dcb1c91a1683aae97d11975806a5008c51d1cf68027d8b5de63d9fd835ea559f1aedc4af8f4b64df5fb2c9503d53b5cf90bb586941c8f1fded765e1b899c84ac7c067f954a86da69f384c7aa2f4efb0d0503c7e2634898f2bb8780746317f78c9350dac8cadb7bcb692189bfb8fe394d8d6cbb14d00fb4d9cd1ff1afdf11cf794c8dd0e127244505dcf1942c678f9bcd06d17af7625cf982dae782540f7dd959d6761f6e072beb76f124f8972efc1fb67c9c700192fc10ef06a91113555fdbd93d3edecfc34550cc4ef781e74843a5bf99a25cc686fd9684f5b365934ab817a74f4ec4440fadb8c495a6af45f15a20919e13413ac8378ec6a94ff8b09928087c90a185d8e1936b9f1c33f28a98e78b8768a8c2c345b5da2e64a68bf3606eeca247ddacf1e35964f21322286ef492c3321a594485a02159b89b0400690799ed1adfed1d49bc1595243afcfa2b5a143797dd32facf5ac3eeb27e6365ca3e485e7c1a5ad9925fbdbad14e7fb57d9e47f63d35b4260b0dfae196f03456f5bf6be5e4fe700f768e10b4fab0d70851120a3b6b20774ba5980080cd706ea55b459018634afdc9badc0e406eb756930738da714c25bfa3e6c0a554a7a4ea2f0db6b3478524b5fb7195693d3c20ef295213dbdc32cd726189a8a5b351264ed8664aa4c56a315d781ec44dee0be40dc81c5a55f2dd6a6936a437d9292dc406bd1df40b623faf6a4e8ad5f6679314c232f34e41c4249f11ad416908b41f7c391fb0c5e4b517a6f72c83f32a393ebe70b07a9919da26bda8adb500e73bcf45780e963a9553e770841c920f109502a4e9ed15029b645c454b4f9a471d1e98fbafe8b860d21c1349a64d105205ad6cc415bb6c6f3fd4b04eeac2dc0fea1aa10fed58ea68f4e6102bfa63b55672d94049b9859349753a75a056da503f7f0da1700ef391ed97b6b771a00c962c736973523819d5aa419e1e6611e02c027401fbf538caf71f2f66059dff886ec13b71bdc92da9e80bf000d4f2dfc9cb8149420a5b129e0864e25528bf9e5488aeedaa8f43bb7a3ff6e571cb3cac55db7bbdd0c9f36662d89a34afc95489d73ecf234f1b52bd9dec1913c2dfdc1f6be187e6e56d3c25d688522a1b02637de07086bad50317fe2167f36ba34eba02bdb28089af2ef22304fa33b0c12a7481edbc63b8acd176f4bdfff05b27f1fab1bfe4c99dd73f519d9a863d0b17f5fdcb23302db3bd3acbee3a819fec5985bc0c6a92c62d33121250091cdb5ce11c8efadca53673dd2ec3385c4c7d2b27016a6f8004d7af2a754449228c2d378f1963bda09666d4a4479d6b3a4da6252f93ea6c6f675a1a26e7d7b802571e09bdb87840a33feabd464f7baab6693e156c9cb9c30b9568a3d162f11f236953f0d5fe45015658dc3544f3e16364b0129f4e76a00b44ed882fbb1afee816c0d00e49bcc9056731e9bb2b871f866e9ab20b80d588f86f97e423cbf40581ca549f6099e694d791004ac422065c6678e9632f5de874c4078915390cfc52ef656c0cb9d6d5ac322181006e95933cba3f5e50258e2b93ab2624958ce671d73312b10b539bd65c493c94da3131eb018490e9c80230b706ab0c8d39e1d23974eb9eff655404ff7ce88f5ebdff6cf182c2caa336b6829ec53bafdc8c714322a7d2ce97e2d013978586028f146db1ce5e315e25279293d565b258e7b3846ca0f686239b1fc2387839377cc26c0886eafd93247296f3b90ba33b1cb32a055f553cd3951e5e252597961c79610741e31a1b77b36cde8d6675551f5296d8ead7b502d4f55248c956c017aca27061f2a30d5217bec0016e2cb0cea93269a6eab721c0ea7e8dca19101ed5106631d356e19421af69d6459f358bc65ea3124a8dcf7e19fb6fddccb9581d86c94cb676c0c94fb7cd2f5b527d841281020d9d3ed13789fa9f92da9300eee3b56beaf547e5a7392e75202bc5ce3377f6c72ac37ac09e6e11d80ce313e3049334e61b93470fe5e9379653926b08a2be02399b10e86c2e5e1586bdfd54f7e0f720b2f812953842b91764d2bef309c20e48446acc2debac036cf8b89c303f8791a089e3859b70bf388e3007c2887948f484a4ca43f0a01a993a07afffcf780f48067fe052260733228d991f124a852690071621511031b628643d03e0a46ea7c933f5b5b86a7d3274213c229b77775c402c8613fd8a87da7ac5556edcc9bf27a4f171e91c27ec3932cc7654bca237b5cae1e0a5ced4a4b8d2b44518bdc61a9d7b8d1db77f478e80b1e17eac827c1a30f828cab6d5e532dac738ce8eff699b394d17e833f7586a59570f683a45e514d576db2503ce1913d9adbaf9cabf8c5fb4c84f88c775879dc6fbd489c1701271cc79573c6f31cd540c37d99c025f4b41de4ff124ba9b7e7e006a1955e50e22e32374a246d78e9f7baa1aed2916dd128ee01e5885d944fd5fd6ae87fce1809f60f68d3cad161d676daa33242c306d178c79c4dd130287425c919d5c05abe5b55217d484b55b6dc46929daf45b3101e35e1dab160aa635bec200155ac3622b7237430c7c8bdd693dd71d28fa44d8425eb0f09678a9497f051172d70deac805cf83cbcadf0e241322864276056194b2e2c8cf4ce75b41ad0fb8bfd34a67b2f74b2d8ff39ae0b3906a1f438286d6d0f44bd2da47a4cb3a17c788402ddef68f8f6e954c07f74a52d9e10f8b19428ef5045ef632aa874157d625faa7fb5c24d00f5ec2ea7b27f39a1103571be0f643678e2a6a8e5343a4f2e6f196a3c30408f854ddcf535f51ffc1f96db607fa0aab2f790e11c6d8df8c3c1f7347b4d8900d54dcab4605d7e6824854049ccde78694dff564a4f32b7458405e2d4c57e2c977be9c76ba4b7cfd7823ebf471bba7241902ffdd964937877cc8f0a60623403fc71a240aa56c66f081d6d3216ac66c0d135f936bfac9e4965f1078dafc10ab59020761bba6a4743b42ec391f20aaaddfbdea977ddfcbd14ac0604b1a56a9cf102474df380859d76208ac52dec6e123114d485665f2f6c2e850991e0d9c9464bfa872486ba71307cdb8c8c59fa20206834cd3584f953a3d79e0677ac51a42578f964a983b14c0148a2c0f2b7bddcd5b4075e29629fc3d7899df73e2a08408fd5ea2c5e3a85a63b71df97ad719cb5ddc92920861ef171d6b4785f61a63c60e176344f1148de388a1fee25b56324cf46fd25acce13b600f555fadf8d0f1cb98a2714705f266301d4b67e4890eb23984307ecbd709dd54093ca0b814a269f5dcd5fc0a2825e2000aec7e5e0a676c5021106956a42db2ebc4c4ebc9c6d432f8194e69ef94fff362880591ac7d77e5842f34d88a6f1eee356a81883dca2f96b1bd06b28aa3a0e994b45087a52d25b544319e2b4126573d55b46fe1083e6a14dfdb3ce77478bb8ea8ff724ec5bad6f52ac58fa998ead0f85c3e8bb01737cdd6127910f04b52a3dc1b5f1a4b9ef38900079147b924492c600a60a76fccd91fe43ab117c3f26c2dc4b9efd8584c6fdd01e4068ed32f9611b683a107825811425f59f93cd3212276f73c1e14b69a5ed72aefdf51a558484f0abf8e0fe355b98050d9475194a2692ba326dc36", 0x1000}, {&(0x7f00000002c0)="fb270dac8ee5d8d62f5df58360f059cb7aa556fd88397720b4d931b35b3b62b1815970f0e6812b833636a8d9ea79bb7d7eae2129b11ebe325074b8c2aa47341ecb7100e09fe249e5f8a3e78dfc5dd20baac43d66f9ac9726e5d839b168faac28bfa05258e220b489803633cc3bcd4f96d42cd8857065466531fda9bba5f1b8dc5fd5da4ce94f4707e4b5588c96d25e3d94d205d61e91b1f9a6769dd079cd9c5157ee81bf59cedae2cf82a8eca9daace90edfa9d7a16b2d038135b9e2c2b01b", 0xbf}, {&(0x7f0000000440)="c55ec3640b49d120ba7cd729f16b7c799548c636457802b9c98b6fbf4b1eb1e4625f7c89a67a720b327998f51d1424f26c466fe8f0f18463cbd3183cf381345e1e3588c676399327e19e7516bbdc5f7f300a0a31abbc7f89c0aca15a6a31e44602328f1b41d80fcbf79dfbe0327c14476887532a723f111abf4ad7ccd411afcaa391fb0beb9f6eb1830d22584004109709a252e7e83b4c28c132f5e1e7e0bee4486de5c583a10439e27652200e4f92b47c2755ec48da6c81411f4a9ad8b603244de9eec70973171cc26ea76fb88d0f58ee28b5d8e346fb463d5d1e434fd623180239afa900", 0xe5}, {&(0x7f0000000780)="e11f59b798cce709ab8871e3717acc6336f8734f08d19f53104703e2928440d7e929c3cbee863398c1024538ddc6d8791f2cca9de3c860a73e24f25f2116705ef7553b86f719f5c35e7350c8db4a568d6b4cc537e9a7152c83b30093311d528fc37343e51612656f1035f87b32a3fd4c17baf7c28599dd4386bede3ac8bd72022ac82ffa6cad913d3f3e05b03eb7d04cea0b53953f09a60327b92dac73c24ad0a8ce2e2d8555628912f5259e751643948dba561c173c2c1d4398882bbd179941ab22224fac618514e1d1a65ce5387b35ec3db2b4d190a902a463a8", 0xdb}], 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="1000000000000000010000e0000000001c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x50, 0x4000004}, {&(0x7f0000000640)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000880)="8b3e977c5de1de040e7363b2d8bcaab17fbfa15b80d03b4f6f74a0919b8dee46287c47afdb828c09752652cce6b6cd0fb95f82e42d115432e5b7d3c0b46ff58557d3ae5b9e31861e2f91e7ca3dbc63e2b6d4678140353508cc3bd283c288f317d2d5f1af68d7773c8caaa145205bf3d7efa8c698095348a71e6bcb00", 0x7c}, {&(0x7f0000000fc0)="d69efb4752ea18ae81ac1b097d6ec1007432fab2a6d5b86baa9a02f880c390750f3995557848c9b49a45ba1d0bc9c1595a2a767eda035ac2a139d8d9d1159f9bcf2223ae67ccbcbf2b6e6fb35f2772a0b2fd420f596aec15862b246a3b2b51d3769d9459da64215d0a53865ce03c4e7f016c1cb4135d3fcb2c0b1b735e16594a94d745f1d14a20d4c375f72f33ac472ff6dfc56fc3430a892e433638af75923a7a83c39b86786f1a4e4dd58d9f87a566242d2d4d9f3487e805605e4350cc7904f242c1eed32c7cf1a53895edc796fbffffff56527e31f2174083d6c5cd8e642b7e41f40f6cbc94190079f9282897991390309816cbe7c2", 0xf7}, {&(0x7f0000000a00)="b9338f8a5d7025a1b331e5fbdeb52f34d78060ee6121c796396f54df9eb50d1d960e3d12c1b413607092a3f16c4a352f102c94a41ba58d39c1c5c48a0da1bded56eeea4003bc94d55dab4bba93f43062e699966b8868924c04e81dd99a4cbd6f9d9a73033194a0ed749e8f5988d1ed273223a7802977fce58b59428c854f6ccb883be81e77b98909abf1d6a3f11039d6f05478a99e548e488a900535abf7709bbc3cc293b7f5d12280cbe8f1d8ad9f3d8c4d965f4d", 0xb5}, {&(0x7f0000000ac0)="09b8063ecda6a5d1c69a2deb896d776edb495402925ebd788208462b32c4e1a021d4a9063a375a7ebe7a268e9d871bb2cbd2b05f0ff626b4e6889d893816aa3ee34f8f3df8e38874198ac3b5", 0x4c}], 0x4, &(0x7f0000000b40)=ANY=[@ANYBLOB="865409d78200"/16], 0x10}, {&(0x7f0000000b80)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000c00)}, {&(0x7f0000000c40)="1a9ad05a44ad", 0x6}, {&(0x7f0000000c80)="5dec80351af2899a32ac5350260229044d3e9537d30305301b15a974679f3f4ff038fea693c0fd8ab20e6cd67fb5bd3898b912c07b615cf8968ab771f98f82104c2985233d5b803edbe55dd42f0248bfca075bafeb3590b794573c8259bd4168e08d23d9b2a0af9ddb4ae914eab6ad79f1be5a1a246b", 0x76}, {&(0x7f0000000d00)="725abac81fe45d2ea04de086c76b8f04799dac67b7f645e7b9a88432e8cc2406ef97daeba91d1395a9214fd1aa804333f90c45b665fec08413600058e66e1cb5924e849a0ca6db8b3f91d498d223c1c5d7069f38871220c0eaf645abcf8b5bd3993def0149d4a56028d14af209abd5b05c80ce42feb0", 0x76}, {&(0x7f0000002640)="165f0b13e9e4ace205447f882af22a44043a6ed93d44e2521e15f9eeeac2467b8c59c9efdad3c7f850a403fdc31117d3a3cf9d6dd8523504ba1adec38ebfbebd503dfe452e11c878106f0631f18d4aa0e926a6636070589bb9b30c28bd2061ff95075b42c73f42fdde99ff728d367164a10c057865256772efbe52850775863fd4b95cab0e3fdaacef53e93bc9f9d6808068f5989da6c940b3c1622ad8f5ddc209f0aa95f6d59b9c0b556803fba10d80bcb3adf3c08905284eef855df24fb6a071bb4361e593dcba22b5cd46b7d1fce9ff82221af25935874b80b0d1da906838b72d162ed44dcb9fff333f61dfa2adf599405aa164196dfb6040a8c1b045fd854523d2e887b923c2fca57ebb50b1421c5d04b6267977a0de04df4640b07554c37e534cd52351aafcd8d3635e017b2e8c8eba34fc15c246eac7720e0d20d2b3f68698f57b0734610a9230ed15bc646b8ea3a5b4968dae0d6cc0f7cd988edced4220866cad7efa41b3df673b1f9e1b0de134affae4dcf9eb964d049b2877db75069c740f0ba8803a11e6565e91d4f7ae84e5687a5935c14d47826e08a60c62b3e840fcca5191343181b1ad50e43a251e63e5464c2bd4d2baf8713a58b1c3c6a86930a7e83eaa55e041aaa8acc7c5d3ddda79245cf3685aa88787008849bfa890570423eec59d69cb9042149f942e0830b5183df481bdd9c7694c67ea36a7c65c557acc2827c56b0804d64beac6d545ef1fd516ce532cbbb22f08b20b7d7cd4c5a21cb5eb24432e0aef639febed1b3bb4e59717266f97e929b19c105b757fc16624d23a8ac057e85b84d9c9bbe3b380fa854078a1a150b890e2d8d42e9e7c815b81edafb99d7a3a9112b13f7ff78ab921f27c8e60a9f1604d60c8d95525e1e596993bfe9ed4b8a4f23c3a50015e398fae18d539e2e75ddd84f52cc519ec5093b5ffc1e4ada86afe3a5db689a0f93357029d0fe7602ac2eacfeb35bdd50e059c24b36a4188136a17cf999270ace5e8342a4a75351f4d6312c7cf00fc2db33c4c12b194d5cf6b32430698da713b5243962911bffabb8c6c67a97f52a43e788a0bcb39a6c3d3ea565875d2beb46be6d7b446180927bfe9b0cb9357f35ca8dc158ce560db1878b3e60875d5e5d5f9c24e79bec4253fd0de7e78b6556f1470c57d84746b13ae45fbbd638929e4dc723a182cb700652cdbefd9c4e4bbc4828b6c28b00640a81260295b737b8d8756907e50be9db886a4d532151b1995f2f77f306cdf7ca045c86484fb9c5d26332b3757a11072255470fab397ff8eb9ae495e2130ed8535b0cbb4e91cbfe7172519dad651bb2258a4767a3b57786afa5584212ed6209922237b94de25039daf5270dd742a137e59636525650c56ad1d9d2d9924c05d3ac6bf8541c7cd9e24ae265e8d02abebd0f8190e2e052d808a8906e21848b4f67e6a0d894b4dc09de85a2ca389789ea86fb080f2eea7bc1151e60c17662eac801d77bff1666a3e910d3dffa0236eb0f3675e84380be00e8f8ffdd56d1fb96bded0c3e714056e474909f8690fa99eceae3a8ca9072f02d484ccd590cf121a00748231cc8e54a15ae1c9bb07ae4860b117cfdb5776658ce40ea3834092d30d531561b96e72c819611f0a7c34dee59b6c21c514b76c37fc6d244dfa378ea1b61807354460de30529bf38367836a2c11a22b72c5ae526d05a2aca1c0ec54b85657ac3d10075d14f576e88b1b3ad57bace8f81215b08425863e72636688a796be59c1adb957013ade09ff92e86d9f8bd3b36f761000a16d9ea5529350733f4add9660eb92ddc7b7990367dd4112a6dc4c9fb7948e516db30e3790881d1702b28f14c35cd9f1080559be8caae357b9fc4e62d7ca93adde3fca7d05600d392d5460bbc3a4fb3454a33e2315276a6f11bf624f95ef8fbda3a071d5f1c95b9da78833aa99e8e04f7cf2865b49568b8afbb6eace478c8b588c77046cee39bc17b08b5eed9778abf4cf2a4c955ae488583955228612d986f93e51479117747a91a4a4631fe08dd8c3fc67f55ff74e31d6aac8bae2cf079a713bcd091680af48e90ed655c2a86c1bd70e7bc8791d3a28167cd30814f565c4b4dd9029118f7e7e13ba05e88c659858dd150820229c999691c0fe37cfcce7012a52b4d1de97b94132ccc1bcc138a526dcb58b895d8d69b9694d169b99b8b9900857030f126e6133c534d5b36c38d9b709e64bd812d43fda8ef576dca2921cbf3f176e12af6ca94811f1ddbdac9d9e8a18eea50d68a1b3866bc730ff4c8bbbbe09635ad0beae9e2d4c87597459cefffd1909f0600fbe4bf6fe262026dc194a68d23e23af98ac3063a2f129636aecbe4b7dbff6b695792c395c3b1f3b5154f6fde300b038db2458b9f677f2c10057d6c19afeac99909a10de8a3a437311596c37e0f2ff3c792bccdf01e9c4c82e6500d429c5dd27eae03bb6f7316e886d9283c3913d9b5fd71ca17abbea8a261d75afd3377df6f1481b0cb25cf955710a517a4fc5151176457096d0253376173f041047df5aa450c462ff3cac5edd63e733fd537949ba2d36ff4d560d22a36e47d7c8c1ee1c4d79f79e8a9b0841e1bdab7f4d8a3b2e6d8a4b753ac88224b3d09e504c74c179f67711425417e79cc4902d22ae9e2b858d4a60fbf126c6b5a5c660371e9885c1fd5d389cefb1d429d3f82bed5c516bcc1828f097dc63f8b0b534e939f33c70d797e23b4290881c9f3f8c3a357f6c2abd8974bcf6866666b19cdafef6502a51873ed34d028ec7cbb5da4256f0e794653a6f828a5af6ad86126eee0cf939bcb3d2795a85d0b757dbb7d39310bbf05960a1ca4a16249c526682905c1fe53d7893bc8930b9bba5f9b3100c1039f7fca81288c48809bd969d57005c745298293d4c2d0a706d93a16d7aeded59e7479f8283ad63bbd073aae94a83b49f0c534ed562f412344b702764d2e02ab863ac9b7d9e7e465e08761d9e550d2a6d2243d82ba0444f9026e40ccc88815c839c855176c6754bd40fca8486e3a95985c8d3498a54b60fead8cab45b74dc503f7f1ac727f089d010cc99cfb5e6a9dd403105a56638b7a52afd30726a586f8c58c706f93353dfe9474ee48ba179fa5dec2ad9bf985acfcaf115707df22d97b0e966bab45a8eab58fc82ec30db4f252a341055ed009e569b7f40d650f4d4a6394b0757620bfad7821107b6335a48051a3e7fcf076e18575760c4425df98e85bee1b115e2207843f4655512759b71a6d10d680fb896a6bf2155231a9c21d89a736ecebecf09304b69849c3a73a3563fb61cbee81bc84760d54e9b0b2aa11bb90b21319017e013fd53e951eceae34f5d07472d1280d2fa95708e7a14287997ab7f34be9c939d40b1ba9400bdb43200ff999b87accc31d16ac60f370f0630e5c10d41b9c626c2d30fe445ea2520c17d174b981647dbb5443d02c8ae5735d7f6c76789c07e90e194a541f0a038f9f58e0c3f2ba8147abaac4a57fa89a2fc733e3e8a8b0ed878eb1de71a2aed069643a7d35d112084523a1b8b099098719d0505231e55226da758cdb67e8c171c3a49a48ada2384fb93d3e392babd54973f50f988915573ff3b312ba2cb13574ba8c4aa2b60bdd7014034a7b6174267e4d940514be828fd4fa41dd11641abaf19c8223447888068077b83dca9a6ef5453914e5a29d2c6d8af427c6912aaeb72385e9024ab152b066f08aa9c9c2e0da5f6e59ef35b6e403f2aba925abf1e7a4c10b27f7af41fd1cde8dadfca4b212828a12a2f1fee5980e3272f4fde34259783e2f850b399611995089c88b6e6432fb51189f3a2a7cfae45b1c47a348a9b0a3eccf58be5203589cc98aa3026e43568d4ad058176eb90dbb0fa8b4030f81f66c50d29df1c97c4535e5862cca12cd2f2f4a2620b20f812dc2ce8ab42c3ec9bd629672683aee2644f5bc7d3df0f72e07bbc898693b831e2a2297d2ee7b2ccd908a2df38b84a5774bb2e33979601f593e183d43dd65b5b14c6778c5bcedf00b3992f98bf29657b80f97deb4f42736d958282000e9cc86d9290d8ca13765b5ebbada588add95374675295df1d5bd3c1736e2ed031ed16e28cc640e98f80ed9102841f1a925744c569d650f7c161517c144294e8318b1aee63ed909df20a2b34cfbe629b44806ed50a1769feef76b0b483c1a3ad841309bfba92aaace9af860acf941ba0f5d950a9effdc0c584bf10a519151f67458d366455f4266036ebe2e178352589df05810f8617887d2c5cabf6085675cb3e0ea029d87e19851a36db8572bc181464df226b902824079eef80c5b44a2d5f3e1d4b166b24ceeba96885516281b4b57e15a0f75c8bb6a437db3109c763ab9e5276f6d5e28393a71eb57d1c2081e71a18e4a9b86d354acac6775ae9904b0bcc9dc44c83d1a26624441cf8f2f9ac9ebc49b326a391168c6b9df608151c0f45e4d8a761e5cadb52d01048fd9fd4cabad694dc18779f64c7811d373704d46968f95be4a32ded6725f41592779228c45c5d0a65d2a36fcbf50b21cfb3d2232312f3ea9fa9419ce2c7ab7a59895b9ff6f9023ea8be1eeac102b257854cb518748b013ee834beea2e277b57df7e2e1f6526d2e7c081553622dc004001360309a0d74fb8fff3da90693fb7cd0b91d18e8b386e1bf2a801436d86b60dd11c1eb427cea2070687f21ad6dae982d3791cd0f31623ea233d80a038bd781ccf4cbab9372eb937f50030d30d8642e567d3506f8c70d57e6e0ebb2841dbf673c0e2500e15234a2538ddbc95991df60d8a63f5bfbab332504ca7b0d32c6a3904538ed96eb536254f02e40945bb94ba534fc3e21ebfee7d9d23ffd6a1f80eea66123e9180589ef7adef382d3d17f02350fc37ea9e03022723c06023266b52743689ff0d14aac46afad3d36433479609827c2d6e7fc9acbfcd3d14119331c2e5064e1afccacdc62bef558b4be52baa913245174e39388f1e5883ae9e943a26e8dda95b9271b44d585d01aee443c7c0cf0b6b3505c26b3b1ccf27d5fef2f9682f2e7dbf14923139bd8125b16294ed1a6f6594dbecb3d0c8c37b58af76f0db9c5ea892789232f05a5cb021889374c698f463feb0c4f0dfc00ebfb90587485b8ab29e905edca6e557afe41f98e63942c6f62d4f45540d272a872948a46ee5baa1bce58d501840ec19f24f9b6213d5a11813a189a5f15a226bb53bf0fa4194fc5fcb9684598b45c95d41f494f8e159359f2da0e42e5e126872b6dc57a8a66288e1b79aaae6c836a9cfa0ec6f4432c58c9096912f7cf9bab3660e1d2076647abfb333ff8a914a7ec4ad84672f23deece602d32d03eeefc684a45b0808cc2bb0adacc7c96a4aebb8a132ea03fbb09c05b92f3b7b553b8356cd1158be2fa41db038d3e19ebf3d5829d45f26bb796871e1b9a5e388b7d85f0a8b33786540449b23969f72f5b249f4613fd106acb01699a51856f33e27c197f858c2421c3277bfb551c7d9f59902ba65c82f790db39395f1871357be2f61ec67df5373a18c21dc54bff8d4c7496efa7cdcc9328db03abf44bfa3238f5fa9200b571004168d1b024b921935e3ee445f2989dca3aa3c20cd4f1a3e44336ad4c817b69edcaf024f2123352b13ed82353d7435b298efb9133e3f807eee41fea0a582e9db1fec9420175e2fc594ea2008eaaef0d8b611022abc1f0f7a0683c36caf096c424ba86605c4d7fbd069e56c956f47657b524a40350a42a0d0fcc40154e8eebac955ab631fd607572e65c57b62502d1b370c2b9193d8644642555dcc2dbd21d5942d63cf8afca3a39eab31a3", 0x1000}], 0x5, &(0x7f0000000380), 0x0, 0x40000}], 0x3, 0x20008000)
write(r1, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x7fffffff, 0x1, 0x2, 0x4, 0xfffe, 0x1}, 0x20)

00:24:56 executing program 5:
mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00')
chroot(&(0x7f0000000740)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
creat(&(0x7f0000000000)='./file0\x00', 0x0)

00:24:56 executing program 2:
set_mempolicy(0x1, &(0x7f0000000180)=0xdd, 0x3f)
r0 = syz_io_uring_setup(0x6ad4, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x2b66, 0x0, 0x0, 0x0, 0x5e)

[  312.954722][ T1033]  loop2: p2 < > p3 p4
[  312.965063][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  312.989725][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  312.995903][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:56 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

[  313.142790][ T1033]  loop2: p2 < > p3 p4
[  313.152578][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  313.165605][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  313.171796][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:56 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

00:24:56 executing program 4:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

00:24:56 executing program 3:
syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0xee01, 0xee01)
umount2(&(0x7f0000000080)='./file0\x00', 0x0)

00:24:56 executing program 5:
mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00')
chroot(&(0x7f0000000740)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
creat(&(0x7f0000000000)='./file0\x00', 0x0)

00:24:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000400)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x600}], 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='umask=0'])

00:24:56 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

00:24:56 executing program 3:
syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0xee01, 0xee01)
umount2(&(0x7f0000000080)='./file0\x00', 0x0)

00:24:56 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000000)={0x2, 0x4e23, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x14, 0x0, 0x7, {[@noop, @rr={0x44, 0x3}]}}}], 0x18}}], 0x1, 0x0)

00:24:56 executing program 5:
mkdir(&(0x7f0000002000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00')
chroot(&(0x7f0000000740)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
creat(&(0x7f0000000000)='./file0\x00', 0x0)

[  313.261954][ T1033]  loop1: p2 < > p3 p4
[  313.267747][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  313.290873][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  313.297061][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:56 executing program 3:
syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0xee01, 0xee01)
umount2(&(0x7f0000000080)='./file0\x00', 0x0)

00:24:56 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000000)={0x2, 0x4e23, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x14, 0x0, 0x7, {[@noop, @rr={0x44, 0x3}]}}}], 0x18}}], 0x1, 0x0)

00:24:56 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xbb, &(0x7f0000000140)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabe0728d48d59f2324ddf79bae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fc11645f38518dab0aa94ad60d0668d3bbe0625d5d2e3bb987d1e09a"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = getpid()
tkill(r2, 0x35)

[  313.391289][ T1033]  loop2: p2 < > p3 p4
[  313.414240][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  313.429174][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  313.435357][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:56 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

00:24:56 executing program 3:
syz_mount_image$msdos(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0xee01, 0xee01)
umount2(&(0x7f0000000080)='./file0\x00', 0x0)

00:24:56 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xbb, &(0x7f0000000140)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabe0728d48d59f2324ddf79bae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fc11645f38518dab0aa94ad60d0668d3bbe0625d5d2e3bb987d1e09a"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = getpid()
tkill(r2, 0x35)

00:24:56 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000000)={0x2, 0x4e23, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x14, 0x0, 0x7, {[@noop, @rr={0x44, 0x3}]}}}], 0x18}}], 0x1, 0x0)

00:24:56 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

00:24:56 executing program 4:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

00:24:57 executing program 3:
creat(&(0x7f0000000180)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=f', @ANYBLOB=',context\ns'])

00:24:57 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000000)={0x2, 0x4e23, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x14, 0x0, 0x7, {[@noop, @rr={0x44, 0x3}]}}}], 0x18}}], 0x1, 0x0)

[  313.537283][ T1033]  loop2: p2 < > p3 p4
[  313.541756][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  313.551136][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  313.557335][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:57 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xbb, &(0x7f0000000140)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabe0728d48d59f2324ddf79bae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fc11645f38518dab0aa94ad60d0668d3bbe0625d5d2e3bb987d1e09a"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = getpid()
tkill(r2, 0x35)

00:24:57 executing program 3:
creat(&(0x7f0000000180)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=f', @ANYBLOB=',context\ns'])

00:24:57 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
getdents64(r0, &(0x7f0000000000)=""/147, 0x93)
getdents64(r0, &(0x7f0000000240)=""/198, 0xc6)
getdents64(r0, 0x0, 0x0)

00:24:57 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xbb, &(0x7f0000000140)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabe0728d48d59f2324ddf79bae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fc11645f38518dab0aa94ad60d0668d3bbe0625d5d2e3bb987d1e09a"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = getpid()
tkill(r2, 0x35)

[  313.641134][T24646] 9pnet: Could not find request transport: f
[  313.664334][ T1033]  loop2: p2 < > p3 p4
[  313.680512][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  313.700308][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  313.706484][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  313.714584][T24664] 9pnet: Could not find request transport: f
00:24:57 executing program 4:
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x27df, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
poll(&(0x7f0000000100)=[{r0}], 0x1, 0xfc)

00:24:57 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xf84c3, 0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d0020002000200020002000200020002000200020002000000000000000002101000000000121252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c1001000000000000000001120000000022001601", 0xa0, 0x8800}, {&(0x7f0000014200)="2200160100000000011600080000000008007809140b2a3a0802", 0x1a, 0x8b000}], 0x0, &(0x7f0000000840))

00:24:57 executing program 3:
creat(&(0x7f0000000180)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=f', @ANYBLOB=',context\ns'])

00:24:57 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
getdents64(r0, &(0x7f0000000000)=""/147, 0x93)
getdents64(r0, &(0x7f0000000240)=""/198, 0xc6)
getdents64(r0, 0x0, 0x0)

00:24:57 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
getdents64(r0, &(0x7f0000000000)=""/147, 0x93)
getdents64(r0, &(0x7f0000000240)=""/198, 0xc6)
getdents64(r0, 0x0, 0x0)

00:24:57 executing program 1:
clone(0x20002044dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x2600)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000a00)="bd", 0x1)
tee(r2, r1, 0x800000003, 0x0)

[  313.817271][ T1033]  loop2: p2 < > p3 p4
[  313.826746][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  313.839434][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  313.845594][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:57 executing program 3:
creat(&(0x7f0000000180)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=f', @ANYBLOB=',context\ns'])

00:24:57 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
getdents64(r0, &(0x7f0000000000)=""/147, 0x93)
getdents64(r0, &(0x7f0000000240)=""/198, 0xc6)
getdents64(r0, 0x0, 0x0)

00:24:57 executing program 5:
unshare(0x400)
r0 = socket$inet(0x2, 0x3, 0x1)
getsockopt$inet_mreqn(r0, 0x0, 0x0, 0x0, 0x0)

00:24:57 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
getdents64(r0, &(0x7f0000000000)=""/147, 0x93)
getdents64(r0, &(0x7f0000000240)=""/198, 0xc6)
getdents64(r0, 0x0, 0x0)

[  313.886737][T24689] 9pnet: Could not find request transport: f
00:24:57 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
getdents64(r0, &(0x7f0000000000)=""/147, 0x93)
getdents64(r0, &(0x7f0000000240)=""/198, 0xc6)
getdents64(r0, 0x0, 0x0)

00:24:57 executing program 1:
clone(0x20002044dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x2600)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000a00)="bd", 0x1)
tee(r2, r1, 0x800000003, 0x0)

[  313.943174][ T1033]  loop1: p2 < > p3 p4
[  313.951860][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  313.963144][T24707] 9pnet: Could not find request transport: f
[  313.978727][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  313.984966][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  314.038546][ T1033]  loop2: p2 < > p3 p4
[  314.042774][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  314.050562][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  314.056878][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:57 executing program 1:
clone(0x20002044dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x2600)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000a00)="bd", 0x1)
tee(r2, r1, 0x800000003, 0x0)

00:24:57 executing program 5:
unshare(0x400)
r0 = socket$inet(0x2, 0x3, 0x1)
getsockopt$inet_mreqn(r0, 0x0, 0x0, 0x0, 0x0)

00:24:57 executing program 3:
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
r0 = socket(0x1000000000000010, 0x2, 0x0)
write(r0, &(0x7f0000000000)="1b0000001a0025f00018009300edfc0e800300000000af00000000", 0x1b)

00:24:57 executing program 0:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r2, 0x0)
preadv(r1, &(0x7f0000000280)=[{0x0, 0xfffffffffffffe7b}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x400b012, r1, 0x0)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000040)="9f8194be5ace602f096d07ff009b4b299667b70536342623b372d82fefa01f9a2d83297f99b4e597f4e9fad324868e83f474d0c3549b582f00c51c638e6aea4a8dee825286b31a260e60482bb0b4179b314a", 0xff7c}], 0x1)

00:24:57 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='ns\x00')
getdents64(r0, &(0x7f0000000000)=""/147, 0x93)
getdents64(r0, &(0x7f0000000240)=""/198, 0xc6)
getdents64(r0, 0x0, 0x0)

00:24:57 executing program 4:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000040))

00:24:57 executing program 1:
clone(0x20002044dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x2600)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000a00)="bd", 0x1)
tee(r2, r1, 0x800000003, 0x0)

00:24:57 executing program 5:
unshare(0x400)
r0 = socket$inet(0x2, 0x3, 0x1)
getsockopt$inet_mreqn(r0, 0x0, 0x0, 0x0, 0x0)

00:24:57 executing program 3:
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
r0 = socket(0x1000000000000010, 0x2, 0x0)
write(r0, &(0x7f0000000000)="1b0000001a0025f00018009300edfc0e800300000000af00000000", 0x1b)

[  314.087704][ T1033]  loop1: p2 < > p3 p4
[  314.094378][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  314.105062][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  314.111259][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:57 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
ioctl$FITRIM(r1, 0x40286608, &(0x7f0000000280)={0x80000000})

00:24:57 executing program 1:
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RNDGETENTCNT(r0, 0x40085203, &(0x7f0000001680))

00:24:57 executing program 5:
unshare(0x400)
r0 = socket$inet(0x2, 0x3, 0x1)
getsockopt$inet_mreqn(r0, 0x0, 0x0, 0x0, 0x0)

00:24:57 executing program 4:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000040))

00:24:57 executing program 3:
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
r0 = socket(0x1000000000000010, 0x2, 0x0)
write(r0, &(0x7f0000000000)="1b0000001a0025f00018009300edfc0e800300000000af00000000", 0x1b)

00:24:57 executing program 4:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000040))

[  314.205430][ T1033]  loop2: p2 < > p3 p4
[  314.212951][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  314.241925][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  314.241937][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  314.252474][T24762] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
[  314.258487][T24775] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
[  314.291477][ T1033]  loop1: p2 < > p3 p4
[  314.302829][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  314.303182][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  314.315465][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  314.337306][ T1033]  loop1: p2 < > p3 p4
[  314.337336][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  314.337634][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  314.337648][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  314.364635][ T1033]  loop2: p2 < > p3 p4
[  314.364672][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  314.364905][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  314.364917][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  314.374791][ T1033]  loop1: p2 < > p3 p4
[  314.394393][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  314.401188][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  314.401265][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  314.419530][ T1033]  loop2: p2 < > p3 p4
[  314.419647][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  314.419831][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  314.419900][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  314.430181][ T1033]  loop1: p2 < > p3 p4
[  314.448866][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  314.455652][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  314.455733][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:57 executing program 0:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r2, 0x0)
preadv(r1, &(0x7f0000000280)=[{0x0, 0xfffffffffffffe7b}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x400b012, r1, 0x0)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000040)="9f8194be5ace602f096d07ff009b4b299667b70536342623b372d82fefa01f9a2d83297f99b4e597f4e9fad324868e83f474d0c3549b582f00c51c638e6aea4a8dee825286b31a260e60482bb0b4179b314a", 0xff7c}], 0x1)

00:24:57 executing program 5:
creat(&(0x7f0000000280)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='gid='])

00:24:57 executing program 1:
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RNDGETENTCNT(r0, 0x40085203, &(0x7f0000001680))

00:24:57 executing program 3:
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
r0 = socket(0x1000000000000010, 0x2, 0x0)
write(r0, &(0x7f0000000000)="1b0000001a0025f00018009300edfc0e800300000000af00000000", 0x1b)

00:24:57 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
ioctl$FITRIM(r1, 0x40286608, &(0x7f0000000280)={0x80000000})

00:24:57 executing program 4:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000040))

[  314.543733][T24824] tmpfs: Bad value for 'gid'
00:24:58 executing program 1:
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RNDGETENTCNT(r0, 0x40085203, &(0x7f0000001680))

00:24:58 executing program 3:
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040))
prctl$PR_GET_IO_FLUSHER(0x1c)

00:24:58 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
execve(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)=[0xffffffffffffffff], 0x0)

00:24:58 executing program 5:
creat(&(0x7f0000000280)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='gid='])

[  314.581563][T24832] tmpfs: Bad value for 'gid'
[  314.584704][T24831] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
[  314.606269][ T1033]  loop2: p2 < > p3 p4
[  314.619919][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
00:24:58 executing program 3:
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040))
prctl$PR_GET_IO_FLUSHER(0x1c)

00:24:58 executing program 1:
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RNDGETENTCNT(r0, 0x40085203, &(0x7f0000001680))

[  314.635555][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  314.641741][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  314.665219][T24845] tmpfs: Bad value for 'gid'
[  314.708426][ T1033]  loop1: p2 < > p3 p4
[  314.708503][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  314.708872][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  314.708885][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:58 executing program 0:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r2, 0x0)
preadv(r1, &(0x7f0000000280)=[{0x0, 0xfffffffffffffe7b}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x400b012, r1, 0x0)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000040)="9f8194be5ace602f096d07ff009b4b299667b70536342623b372d82fefa01f9a2d83297f99b4e597f4e9fad324868e83f474d0c3549b582f00c51c638e6aea4a8dee825286b31a260e60482bb0b4179b314a", 0xff7c}], 0x1)

00:24:58 executing program 5:
creat(&(0x7f0000000280)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='gid='])

00:24:58 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
ioctl$FITRIM(r1, 0x40286608, &(0x7f0000000280)={0x80000000})

00:24:58 executing program 3:
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040))
prctl$PR_GET_IO_FLUSHER(0x1c)

00:24:58 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
execve(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)=[0xffffffffffffffff], 0x0)

00:24:58 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40485404, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x1}})

[  314.768242][ T1033]  loop2: p2 < > p3 p4
[  314.772353][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  314.780040][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  314.786241][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:58 executing program 5:
creat(&(0x7f0000000280)='./file0\x00', 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='gid='])

00:24:58 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40485404, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x1}})

00:24:58 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
execve(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)=[0xffffffffffffffff], 0x0)

00:24:58 executing program 3:
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040))
prctl$PR_GET_IO_FLUSHER(0x1c)

[  314.819179][T24879] tmpfs: Bad value for 'gid'
[  314.837095][T24883] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
00:24:58 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x1000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000000300)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
ioctl$FITRIM(r1, 0x40286608, &(0x7f0000000280)={0x80000000})

00:24:58 executing program 5:
r0 = memfd_create(&(0x7f0000000340)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0)
write$binfmt_misc(r0, &(0x7f0000000140)=ANY=[], 0x4)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0)
writev(r0, &(0x7f00000026c0)=[{0x0}, {0x0}, {&(0x7f00000005c0)="96", 0x1}], 0x3)

[  314.888588][T24887] tmpfs: Bad value for 'gid'
[  314.898576][ T1033]  loop2: p2 < > p3 p4
[  314.898626][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  314.899285][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  314.899296][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  314.930679][T24903] EXT4-fs warning (device sda1): ext4_group_add:1667: No reserved GDT blocks, can't resize
[  314.974432][ T1033]  loop1: p2 < > p3 p4
[  314.974525][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  314.974876][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  314.984996][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  315.007053][ T1033]  loop1: p2 < > p3 p4
[  315.007086][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  315.007482][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  315.017591][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:58 executing program 0:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r2, 0x0)
preadv(r1, &(0x7f0000000280)=[{0x0, 0xfffffffffffffe7b}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x400b012, r1, 0x0)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000040)="9f8194be5ace602f096d07ff009b4b299667b70536342623b372d82fefa01f9a2d83297f99b4e597f4e9fad324868e83f474d0c3549b582f00c51c638e6aea4a8dee825286b31a260e60482bb0b4179b314a", 0xff7c}], 0x1)

00:24:58 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40485404, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x1}})

00:24:58 executing program 3:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x139, &(0x7f0000001340)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255346f930000ffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2c43a2316418ba9eb1f8fac57719b6650c7016af47d3160960f4dc0f5e233b32d191e7e4038ed607016ac06e8214ed7d77cea361915907969ff9f43a5aba17ec18f82611bd8eaa876fcc5ff9eac52567ecc1e30746c21060f7aeee1160a26ea18d388ae82180105572516041514566a35650c3f8c39388cc5b3aab2edc6a68af8873f3ddf84521dc060955bde2fff5bf4247701e2745a31ffdc0f3d96521fd6d5707ad"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:58 executing program 5:
symlinkat(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2000, 0x0)

00:24:58 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
execve(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)=[0xffffffffffffffff], 0x0)

00:24:58 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result={0x5}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:24:58 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result={0x5}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:24:58 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)

00:24:58 executing program 4:
r0 = socket$inet(0x2, 0x3, 0x5)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="ab"], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote, 0x18, r1})
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), 0x4)
r3 = socket(0xa, 0x1, 0x0)
ioctl(r3, 0x8916, &(0x7f0000000000))
ioctl(r3, 0x8936, &(0x7f0000000000))

00:24:58 executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40485404, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x1}})

00:24:58 executing program 3:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x139, &(0x7f0000001340)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255346f930000ffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2c43a2316418ba9eb1f8fac57719b6650c7016af47d3160960f4dc0f5e233b32d191e7e4038ed607016ac06e8214ed7d77cea361915907969ff9f43a5aba17ec18f82611bd8eaa876fcc5ff9eac52567ecc1e30746c21060f7aeee1160a26ea18d388ae82180105572516041514566a35650c3f8c39388cc5b3aab2edc6a68af8873f3ddf84521dc060955bde2fff5bf4247701e2745a31ffdc0f3d96521fd6d5707ad"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

[  315.233014][ T1033]  loop2: p2 < > p3 p4
[  315.237210][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  315.262024][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  315.268232][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:58 executing program 1:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getpgid(0x0)

[  315.338348][ T1033]  loop1: p2 < > p3 p4
[  315.338383][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  315.343671][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  315.343753][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  315.366665][ T1033]  loop1: p2 < > p3 p4
[  315.389320][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  315.389701][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  315.389714][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  315.417719][ T1033]  loop2: p2 < > p3 p4
[  315.417759][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  315.418386][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  315.418396][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  315.430406][ T1033]  loop1: p2 < > p3 p4
[  315.447846][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  315.448375][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  315.448386][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:58 executing program 1:
r0 = socket$inet(0x2, 0x3, 0x5)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="ab"], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote, 0x18, r1})
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), 0x4)
r3 = socket(0xa, 0x1, 0x0)
ioctl(r3, 0x8916, &(0x7f0000000000))
ioctl(r3, 0x8936, &(0x7f0000000000))

00:24:58 executing program 0:
r0 = socket(0x11, 0x2, 0x0)
setsockopt$inet_udp_int(r0, 0x11, 0x0, 0x0, 0x0)

00:24:58 executing program 4:
r0 = socket$inet(0x2, 0x3, 0x5)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="ab"], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote, 0x18, r1})
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), 0x4)
r3 = socket(0xa, 0x1, 0x0)
ioctl(r3, 0x8916, &(0x7f0000000000))
ioctl(r3, 0x8936, &(0x7f0000000000))

00:24:58 executing program 3:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x139, &(0x7f0000001340)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255346f930000ffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2c43a2316418ba9eb1f8fac57719b6650c7016af47d3160960f4dc0f5e233b32d191e7e4038ed607016ac06e8214ed7d77cea361915907969ff9f43a5aba17ec18f82611bd8eaa876fcc5ff9eac52567ecc1e30746c21060f7aeee1160a26ea18d388ae82180105572516041514566a35650c3f8c39388cc5b3aab2edc6a68af8873f3ddf84521dc060955bde2fff5bf4247701e2745a31ffdc0f3d96521fd6d5707ad"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:58 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)

00:24:58 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result={0x5}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:24:59 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14}, 0x14}}, 0x0)

00:24:59 executing program 4:
r0 = socket$inet(0x2, 0x3, 0x5)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="ab"], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote, 0x18, r1})
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), 0x4)
r3 = socket(0xa, 0x1, 0x0)
ioctl(r3, 0x8916, &(0x7f0000000000))
ioctl(r3, 0x8936, &(0x7f0000000000))

00:24:59 executing program 3:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x139, &(0x7f0000001340)="c4c691019919da078a0098d1e0a59320ff79b040f762910016775a8454cc16dc38f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689bce0e2db60713a3a7eeba5c9c6a47312334c2a97a4837714569255346f930000ffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2c43a2316418ba9eb1f8fac57719b6650c7016af47d3160960f4dc0f5e233b32d191e7e4038ed607016ac06e8214ed7d77cea361915907969ff9f43a5aba17ec18f82611bd8eaa876fcc5ff9eac52567ecc1e30746c21060f7aeee1160a26ea18d388ae82180105572516041514566a35650c3f8c39388cc5b3aab2edc6a68af8873f3ddf84521dc060955bde2fff5bf4247701e2745a31ffdc0f3d96521fd6d5707ad"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x17)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
r1 = gettid()
tkill(r1, 0x34)

00:24:59 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result={0x5}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:24:59 executing program 1:
r0 = socket$inet(0x2, 0x3, 0x5)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="ab"], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote, 0x18, r1})
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), 0x4)
r3 = socket(0xa, 0x1, 0x0)
ioctl(r3, 0x8916, &(0x7f0000000000))
ioctl(r3, 0x8936, &(0x7f0000000000))

00:24:59 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)

[  315.640623][T25016] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=25016 comm=syz-executor.0
00:24:59 executing program 4:
r0 = socket$inet(0x2, 0x3, 0x5)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="ab"], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote, 0x18, r1})
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), 0x4)
r3 = socket(0xa, 0x1, 0x0)
ioctl(r3, 0x8916, &(0x7f0000000000))
ioctl(r3, 0x8936, &(0x7f0000000000))

00:24:59 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000080)=@shmem={0xc, 0x1, {0x1002}}, 0x2a4080)

00:24:59 executing program 2:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000480)="66530700ae897094e71b0fa1f147a8378f364602812c66538d750f6ee1d001f43f0500bb9fb045f2d1eaa302ab6c2fef2308003ea1315b9532f3af2f5e153eb78020fa00eb298802d8f6c1f3b18d6d352507f7018b31a53bad1ec3533c791a753a1fef2c560001000000000000fb8005128e7e4d939955f8ac396203784000400f573fbf000000000000000761f35e959f130dec95128ce7ec033dc0a380543bfc99320be1c1bb99bb063fb66f2d696569eada31b09fd215f0332701d9d14a3f9209d666578cc0266bce7860eaaf305a0ee2", 0xd2}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x5)
tkill(r0, 0x1e)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
exit_group(0x0)

00:24:59 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)

[  315.682747][ T1033]  loop2: p2 < > p3 p4
00:24:59 executing program 1:
r0 = socket$inet(0x2, 0x3, 0x5)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="ab"], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote, 0x18, r1})
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000), 0x4)
r3 = socket(0xa, 0x1, 0x0)
ioctl(r3, 0x8916, &(0x7f0000000000))
ioctl(r3, 0x8936, &(0x7f0000000000))

00:24:59 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14}, 0x14}}, 0x0)

[  315.706444][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  315.727400][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  315.733585][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  315.744459][   T25] kauditd_printk_skb: 6 callbacks suppressed
00:24:59 executing program 5:
r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f0000001700)=ANY=[], 0xfd14)
sync_file_range(r0, 0x0, 0x0, 0x3)

00:24:59 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
utimensat(0xffffffffffffffff, 0x0, 0x0, 0x0)

[  315.744485][   T25] audit: type=1326 audit(1622420699.178:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  315.757640][T25044] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=25044 comm=syz-executor.0
00:24:59 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x101000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x80000001)
truncate(&(0x7f0000000140)='./bus\x00', 0xff6)
sendfile(r1, r0, 0x0, 0x1)

00:24:59 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
utimensat(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:24:59 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000080)=@shmem={0xc, 0x1, {0x1002}}, 0x2a4080)

00:24:59 executing program 5:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
clone(0x20002004dfc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cpuset\x00', 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
fstat(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0)
preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setreuid(0xee00, r3)
write$cgroup_pid(r1, &(0x7f0000000100), 0x12)

[  315.823906][ T1033]  loop1: p2 < > p3 p4
[  315.833301][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  315.839914][   T25] audit: type=1326 audit(1622420699.228:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x4665d9 code=0x7ffc0000
[  315.845693][ T1033] loop1: p3 start 225 is beyond EOD, truncated
00:24:59 executing program 2:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x14, 0x22, 0xa01}, 0xfffffd3f}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r4, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

00:24:59 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000080)=@shmem={0xc, 0x1, {0x1002}}, 0x2a4080)

00:24:59 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
utimensat(0xffffffffffffffff, 0x0, 0x0, 0x0)

[  315.870134][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:59 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14}, 0x14}}, 0x0)

[  315.913804][   T25] audit: type=1326 audit(1622420699.228:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  315.926124][T25068] new mount options do not match the existing superblock, will be ignored
00:24:59 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000080)=@shmem={0xc, 0x1, {0x1002}}, 0x2a4080)

00:24:59 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
utimensat(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:24:59 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x10e, &(0x7f0000000440)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabebae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fcf561c33f46ab89803f47d97e04f7bf9cafb006ae29480408c8380cf060dd72462ccc5b7d195a113bc539df6591cd574a02d4d9b9f3ebce31bd7582018ded8ceb71e75417dabc45f9fa0503befdcd0874ae979bc9581d6a854d4dfb7ffaed09bfcf330c365988c05e12ed069a42c964f79e16ad22f95ffaf5"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

[  315.971680][ T1033]  loop1: p2 < > p3 p4
[  315.985491][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  315.993075][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  315.999450][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:24:59 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/drivers\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x4, 0x0)

[  316.006983][   T25] audit: type=1326 audit(1622420699.228:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  316.031473][T25090] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=25090 comm=syz-executor.0
[  316.077191][   T25] audit: type=1326 audit(1622420699.228:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=304 compat=0 ip=0x4665d9 code=0x7ffc0000
[  316.084164][ T1033]  loop2: p2 < > p3 p4
[  316.103017][   T25] audit: type=1326 audit(1622420699.238:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  316.112328][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  316.133066][   T25] audit: type=1326 audit(1622420699.238:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=157 compat=0 ip=0x4665d9 code=0x7ffc0000
[  316.145992][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  316.165921][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:24:59 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x101000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x80000001)
truncate(&(0x7f0000000140)='./bus\x00', 0xff6)
sendfile(r1, r0, 0x0, 0x1)

00:24:59 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x10e, &(0x7f0000000440)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabebae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fcf561c33f46ab89803f47d97e04f7bf9cafb006ae29480408c8380cf060dd72462ccc5b7d195a113bc539df6591cd574a02d4d9b9f3ebce31bd7582018ded8ceb71e75417dabc45f9fa0503befdcd0874ae979bc9581d6a854d4dfb7ffaed09bfcf330c365988c05e12ed069a42c964f79e16ad22f95ffaf5"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:24:59 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14}, 0x14}}, 0x0)

00:24:59 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f80000200040000000000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}], 0x0, &(0x7f0000000040))

[  316.174136][   T25] audit: type=1326 audit(1622420699.238:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  316.207602][   T25] audit: type=1326 audit(1622420699.238:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x4665d9 code=0x7ffc0000
[  316.232626][ T1033]  loop2: p2 < > p3 p4
[  316.237362][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  316.237831][T25121] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=25121 comm=syz-executor.0
[  316.259615][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  316.265838][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  316.269221][   T25] audit: type=1326 audit(1622420699.238:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25034 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000
[  316.277641][T25125] loop4: detected capacity change from 0 to 64
[  316.319688][T25125] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  316.333001][T25125] FAT-fs (loop4): Directory bread(block 64) failed
[  316.333143][ T1033]  loop1: p2 < > p3 p4
[  316.340817][T25125] FAT-fs (loop4): Directory bread(block 65) failed
[  316.343938][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  316.350932][T25125] FAT-fs (loop4): Directory bread(block 66) failed
[  316.357631][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  316.367156][T25125] FAT-fs (loop4): Directory bread(block 67) failed
[  316.369518][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  316.376636][T25125] FAT-fs (loop4): Directory bread(block 68) failed
[  316.390659][T25125] FAT-fs (loop4): Directory bread(block 69) failed
[  316.397361][T25125] FAT-fs (loop4): Directory bread(block 70) failed
[  316.415172][T25125] FAT-fs (loop4): Directory bread(block 71) failed
[  316.422414][T25125] FAT-fs (loop4): Directory bread(block 72) failed
[  316.429687][T25125] FAT-fs (loop4): Directory bread(block 73) failed
[  316.503596][ T1033]  loop1: p2 < > p3 p4
[  316.507811][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  316.514477][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  316.520675][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:25:00 executing program 2:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x14, 0x22, 0xa01}, 0xfffffd3f}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r4, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

00:25:00 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/drivers\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x4, 0x0)

00:25:00 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)
write$binfmt_misc(r1, 0x0, 0x4240a2a0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)="d6", 0x1}], 0x1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
read(r0, &(0x7f0000000040)=""/21, 0x15)

00:25:00 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x10e, &(0x7f0000000440)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabebae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fcf561c33f46ab89803f47d97e04f7bf9cafb006ae29480408c8380cf060dd72462ccc5b7d195a113bc539df6591cd574a02d4d9b9f3ebce31bd7582018ded8ceb71e75417dabc45f9fa0503befdcd0874ae979bc9581d6a854d4dfb7ffaed09bfcf330c365988c05e12ed069a42c964f79e16ad22f95ffaf5"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:25:00 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f80000200040000000000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}], 0x0, &(0x7f0000000040))

00:25:00 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x101000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x80000001)
truncate(&(0x7f0000000140)='./bus\x00', 0xff6)
sendfile(r1, r0, 0x0, 0x1)

00:25:00 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x10e, &(0x7f0000000440)="c4c691019919da078a0098d1e0a593b040f7629100f06ee04fa4ea57ff22ea97be19af3dcba01419cd2386ad59157689c9c6a47312334c2a97ac2b7f0fb4aabebae8dc5dffbcd48a70502173d6efa56b60f48cf0c9d0989ecbbfc220bd2b39df9ad8d6b14910f4a869863009780dd6e673a02f7ed829932929af9dffb1fa2cd7328202ac55f4f5dbb8494120f79d5f60958691a8a3fcf561c33f46ab89803f47d97e04f7bf9cafb006ae29480408c8380cf060dd72462ccc5b7d195a113bc539df6591cd574a02d4d9b9f3ebce31bd7582018ded8ceb71e75417dabc45f9fa0503befdcd0874ae979bc9581d6a854d4dfb7ffaed09bfcf330c365988c05e12ed069a42c964f79e16ad22f95ffaf5"}}], 0x1c)
wait4(0x0, 0x0, 0x80000000, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x17)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080))
r2 = gettid()
tkill(r2, 0x34)

00:25:00 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/drivers\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x4, 0x0)

[  316.765230][ T1033]  loop2: p2 < > p3 p4
[  316.769526][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  316.780186][T25171] loop4: detected capacity change from 0 to 64
[  316.782998][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  316.792537][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  316.800568][T25171] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  316.822662][T25171] FAT-fs (loop4): Directory bread(block 64) failed
[  316.838318][ T1033]  loop1: p2 < > p3 p4
[  316.843892][T25171] FAT-fs (loop4): Directory bread(block 65) failed
[  316.848739][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  316.851378][T25171] FAT-fs (loop4): Directory bread(block 66) failed
[  316.863617][T25171] FAT-fs (loop4): Directory bread(block 67) failed
00:25:00 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/drivers\x00', 0x0, 0x0)
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0x4, 0x0)

00:25:00 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10)
close_range(r0, r2, 0x0)

[  316.870719][T25171] FAT-fs (loop4): Directory bread(block 68) failed
[  316.877981][T25171] FAT-fs (loop4): Directory bread(block 69) failed
[  316.878273][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  316.884626][T25171] FAT-fs (loop4): Directory bread(block 70) failed
[  316.890760][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  316.898074][T25171] FAT-fs (loop4): Directory bread(block 71) failed
[  316.912919][T25171] FAT-fs (loop4): Directory bread(block 72) failed
00:25:00 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f80000200040000000000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}], 0x0, &(0x7f0000000040))

00:25:00 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)
write$binfmt_misc(r1, 0x0, 0x4240a2a0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)="d6", 0x1}], 0x1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
read(r0, &(0x7f0000000040)=""/21, 0x15)

[  316.926931][T25171] FAT-fs (loop4): Directory bread(block 73) failed
[  317.019843][T25216] loop4: detected capacity change from 0 to 64
[  317.028742][T25216] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  317.039485][ T1033]  loop1: p2 < > p3 p4
[  317.040855][T25216] FAT-fs (loop4): Directory bread(block 64) failed
[  317.044132][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  317.051275][T25216] FAT-fs (loop4): Directory bread(block 65) failed
[  317.063230][T25216] FAT-fs (loop4): Directory bread(block 66) failed
[  317.066685][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  317.071987][T25216] FAT-fs (loop4): Directory bread(block 67) failed
[  317.075867][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  317.082442][T25216] FAT-fs (loop4): Directory bread(block 68) failed
[  317.096536][T25216] FAT-fs (loop4): Directory bread(block 69) failed
[  317.103117][T25216] FAT-fs (loop4): Directory bread(block 70) failed
[  317.109647][T25216] FAT-fs (loop4): Directory bread(block 71) failed
[  317.116172][T25216] FAT-fs (loop4): Directory bread(block 72) failed
[  317.122712][T25216] FAT-fs (loop4): Directory bread(block 73) failed
00:25:01 executing program 2:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x14, 0x22, 0xa01}, 0xfffffd3f}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r4, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

00:25:01 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)
write$binfmt_misc(r1, 0x0, 0x4240a2a0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)="d6", 0x1}], 0x1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
read(r0, &(0x7f0000000040)=""/21, 0x15)

00:25:01 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x101000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x14d842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x80000001)
truncate(&(0x7f0000000140)='./bus\x00', 0xff6)
sendfile(r1, r0, 0x0, 0x1)

00:25:01 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10)
close_range(r0, r2, 0x0)

00:25:01 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)
write$binfmt_misc(r1, 0x0, 0x4240a2a0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)="d6", 0x1}], 0x1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
read(r0, &(0x7f0000000040)=""/21, 0x15)

00:25:01 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000200000004f80000200040000000000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}], 0x0, &(0x7f0000000040))

00:25:01 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10)
close_range(r0, r2, 0x0)

[  317.695747][ T1033]  loop2: p2 < > p3 p4
[  317.700386][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  317.708208][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  317.714560][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  317.729361][T25246] loop4: detected capacity change from 0 to 64
00:25:01 executing program 0:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)
write$binfmt_misc(r1, 0x0, 0x4240a2a0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)="d6", 0x1}], 0x1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
read(r0, &(0x7f0000000040)=""/21, 0x15)

[  317.746586][T25246] FAT-fs (loop4): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  317.755986][ T1033]  loop1: p2 < > p3 p4
[  317.760924][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  317.768844][T25246] FAT-fs (loop4): Directory bread(block 64) failed
[  317.775816][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  317.781997][T25246] FAT-fs (loop4): Directory bread(block 65) failed
[  317.782873][T25246] FAT-fs (loop4): Directory bread(block 66) failed
00:25:01 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)
write$binfmt_misc(r1, 0x0, 0x4240a2a0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)="d6", 0x1}], 0x1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
read(r0, &(0x7f0000000040)=""/21, 0x15)

00:25:01 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/unix\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10)
close_range(r0, r2, 0x0)

[  317.788523][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  317.835391][T25246] FAT-fs (loop4): Directory bread(block 67) failed
[  317.848585][T25246] FAT-fs (loop4): Directory bread(block 68) failed
00:25:01 executing program 1:
move_pages(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000076000/0x2000)=nil], &(0x7f0000000040), 0xffffffffffffffff, 0x0)

00:25:01 executing program 5:
set_mempolicy(0x1, &(0x7f0000000000)=0x7, 0x6)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x0, 0x0)

[  317.881441][T25246] FAT-fs (loop4): Directory bread(block 69) failed
[  317.896027][T25246] FAT-fs (loop4): Directory bread(block 70) failed
[  317.903356][T25246] FAT-fs (loop4): Directory bread(block 71) failed
[  317.913436][T25246] FAT-fs (loop4): Directory bread(block 72) failed
[  317.920563][T25246] FAT-fs (loop4): Directory bread(block 73) failed
[  317.997830][ T1033]  loop1: p2 < > p3 p4
[  318.002409][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  318.009832][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  318.016110][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:25:02 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)
write$binfmt_misc(r1, 0x0, 0x4240a2a0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f00000001c0)="d6", 0x1}], 0x1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
read(r0, &(0x7f0000000040)=""/21, 0x15)

00:25:02 executing program 2:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x14, 0x22, 0xa01}, 0xfffffd3f}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r4, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

00:25:02 executing program 5:
set_mempolicy(0x1, &(0x7f0000000000)=0x7, 0x6)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x0, 0x0)

00:25:02 executing program 1:
move_pages(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000076000/0x2000)=nil], &(0x7f0000000040), 0xffffffffffffffff, 0x0)

00:25:02 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_buf(r0, 0x107, 0x1, 0x0, 0x0)

00:25:02 executing program 0:
r0 = semget$private(0x0, 0x7, 0x0)
semop(r0, &(0x7f0000000180)=[{0x0, 0x0, 0x1800}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x10)

00:25:02 executing program 1:
move_pages(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000076000/0x2000)=nil], &(0x7f0000000040), 0xffffffffffffffff, 0x0)

00:25:02 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_buf(r0, 0x107, 0x1, 0x0, 0x0)

00:25:02 executing program 5:
set_mempolicy(0x1, &(0x7f0000000000)=0x7, 0x6)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x0, 0x0)

[  318.569987][ T1033]  loop2: p2 < > p3 p4
[  318.574199][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  318.597688][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  318.603865][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:02 executing program 1:
move_pages(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000076000/0x2000)=nil], &(0x7f0000000040), 0xffffffffffffffff, 0x0)

00:25:02 executing program 0:
r0 = semget$private(0x0, 0x7, 0x0)
semop(r0, &(0x7f0000000180)=[{0x0, 0x0, 0x1800}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x10)

00:25:02 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_buf(r0, 0x107, 0x1, 0x0, 0x0)

00:25:02 executing program 5:
set_mempolicy(0x1, &(0x7f0000000000)=0x7, 0x6)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x0, 0x0)

[  318.665501][ T1033]  loop1: p2 < > p3 p4
[  318.674235][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  318.686542][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  318.692792][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  318.771570][ T1033]  loop1: p2 < > p3 p4
[  318.775953][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  318.782836][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  318.789166][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:25:02 executing program 5:
sendmsg$sock(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef", 0x3a, 0x400}, {&(0x7f0000010100)="000000000000000000000000000000000000000000000000000000005178aedb0300000013000000230000002b0005", 0x2f, 0x7e0}, {&(0x7f0000010160)="ffff05000c000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff020000000c0001022e000000020000000c0002022e2e00000b000000dc", 0x41d, 0xc00}, {&(0x7f00000108c0)="ff07", 0x2, 0x4c00}, {&(0x7f0000010ce0)="00000000000000000000000000000000000000000000000000000000c99b0000ed410000000400009f09c75f9f09c75f9f09c75f00000000000003000200000000000800000000000af301000400000000000000000000000100000004", 0x5d, 0x8c60}], 0x0, &(0x7f0000010f60))
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0)

00:25:02 executing program 0:
r0 = semget$private(0x0, 0x7, 0x0)
semop(r0, &(0x7f0000000180)=[{0x0, 0x0, 0x1800}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x10)

00:25:02 executing program 3:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x6, 0x1, 0x301}, 0x14}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
splice(r0, 0x0, r2, 0x0, 0x447fe7, 0x0)

00:25:02 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r1, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r2, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})

00:25:02 executing program 4:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_buf(r0, 0x107, 0x1, 0x0, 0x0)

00:25:02 executing program 2:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
lseek(r0, 0x5, 0x0)
lseek(r0, 0xe5c2, 0x0)

00:25:02 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r1, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r2, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})

00:25:02 executing program 0:
r0 = semget$private(0x0, 0x7, 0x0)
semop(r0, &(0x7f0000000180)=[{0x0, 0x0, 0x1800}], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x10)

00:25:03 executing program 5:
syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x0)

00:25:03 executing program 4:
mq_notify(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x4, @tid=0xffffffffffffffff})

[  319.484718][ T1033]  loop2: p2 < > p3 p4
[  319.497887][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  319.513870][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  319.520046][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:03 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r1, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r2, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})

00:25:03 executing program 4:
mq_notify(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x4, @tid=0xffffffffffffffff})

00:25:03 executing program 0:
r0 = socket$inet(0x2, 0xa, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x891b, &(0x7f0000001a80)={'sit0\x00'})
ioctl$sock_SIOCGIFINDEX(r0, 0x891c, &(0x7f0000001a80)={'sit0\x00'})

00:25:03 executing program 5:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r0, &(0x7f0000000080)={{0x1b, 0x5b, 0x3b, 0x7, 0x0, 0x0, 0x0, 0x0, 0xa32, 0xa6d, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78)

[  319.589328][ T1033]  loop1: p2 < > p3 p4
[  319.599247][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  319.621566][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  319.627764][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  319.689933][ T1033]  loop1: p2 < > p3 p4
[  319.701374][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  319.709725][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  319.715964][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  319.732023][ T1033]  loop2: p2 < > p3 p4
[  319.736197][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  319.743131][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  319.749422][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:03 executing program 3:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x6, 0x1, 0x301}, 0x14}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
splice(r0, 0x0, r2, 0x0, 0x447fe7, 0x0)

00:25:03 executing program 2:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
lseek(r0, 0x5, 0x0)
lseek(r0, 0xe5c2, 0x0)

00:25:03 executing program 4:
mq_notify(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x4, @tid=0xffffffffffffffff})

00:25:03 executing program 5:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r0, &(0x7f0000000080)={{0x1b, 0x5b, 0x3b, 0x7, 0x0, 0x0, 0x0, 0x0, 0xa32, 0xa6d, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78)

00:25:03 executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r1, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r2, 0x5452, &(0x7f0000000080)={0x0, 0x0, 0x48d1})

00:25:03 executing program 0:
r0 = socket$inet(0x2, 0xa, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x891b, &(0x7f0000001a80)={'sit0\x00'})
ioctl$sock_SIOCGIFINDEX(r0, 0x891c, &(0x7f0000001a80)={'sit0\x00'})

00:25:03 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
lseek(r0, 0x5, 0x0)
lseek(r0, 0xe5c2, 0x0)

00:25:03 executing program 5:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r0, &(0x7f0000000080)={{0x1b, 0x5b, 0x3b, 0x7, 0x0, 0x0, 0x0, 0x0, 0xa32, 0xa6d, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78)

00:25:03 executing program 0:
r0 = socket$inet(0x2, 0xa, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x891b, &(0x7f0000001a80)={'sit0\x00'})
ioctl$sock_SIOCGIFINDEX(r0, 0x891c, &(0x7f0000001a80)={'sit0\x00'})

00:25:03 executing program 2:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
lseek(r0, 0x5, 0x0)
lseek(r0, 0xe5c2, 0x0)

00:25:03 executing program 4:
mq_notify(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x4, @tid=0xffffffffffffffff})

00:25:03 executing program 2:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
lseek(r0, 0x5, 0x0)
lseek(r0, 0xe5c2, 0x0)

[  320.424509][ T1033]  loop1: p2 < > p3 p4
[  320.430889][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  320.453650][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  320.459865][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  320.529594][ T1033]  loop2: p2 < > p3 p4
[  320.533726][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  320.541378][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  320.547578][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  320.567719][ T1033]  loop2: p2 < > p3 p4
[  320.571882][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  320.578791][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  320.585520][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  320.603377][ T1033]  loop1: p2 < > p3 p4
[  320.607510][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  320.614246][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  320.620541][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  320.641619][ T1033]  loop2: p2 < > p3 p4
[  320.645757][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  320.652602][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  320.658953][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:04 executing program 3:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x6, 0x1, 0x301}, 0x14}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
splice(r0, 0x0, r2, 0x0, 0x447fe7, 0x0)

00:25:04 executing program 5:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r0, &(0x7f0000000080)={{0x1b, 0x5b, 0x3b, 0x7, 0x0, 0x0, 0x0, 0x0, 0xa32, 0xa6d, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78)

00:25:04 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
lseek(r0, 0x5, 0x0)
lseek(r0, 0xe5c2, 0x0)

00:25:04 executing program 0:
r0 = socket$inet(0x2, 0xa, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x891b, &(0x7f0000001a80)={'sit0\x00'})
ioctl$sock_SIOCGIFINDEX(r0, 0x891c, &(0x7f0000001a80)={'sit0\x00'})

00:25:04 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001d80)={0x18, 0x42, 0xa01, 0x0, 0x0, {}, [@nested={0x4}]}, 0x18}}, 0x0)

00:25:04 executing program 2:
timer_create(0x3, 0x0, &(0x7f0000000500))
clock_gettime(0x0, &(0x7f0000000740)={<r0=>0x0})
timer_settime(0x0, 0x0, &(0x7f0000000780)={{0x77359400}, {r0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{}, {0x77359400}}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000000)=<r1=>0x0)
clock_gettime(0x0, &(0x7f0000000740)={<r2=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000780)={{0x77359400}, {r2}}, 0x0)

00:25:04 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000080000000300000001000000004000000040000020000000def4655fdef4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)={[{@init_itable_val}]})

00:25:04 executing program 1:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
lseek(r0, 0x5, 0x0)
lseek(r0, 0xe5c2, 0x0)

00:25:04 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000001740), 0x0, 0x0)
ioctl$BLKRRPART(r0, 0x401070cd, 0x0)

00:25:04 executing program 2:
timer_create(0x3, 0x0, &(0x7f0000000500))
clock_gettime(0x0, &(0x7f0000000740)={<r0=>0x0})
timer_settime(0x0, 0x0, &(0x7f0000000780)={{0x77359400}, {r0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{}, {0x77359400}}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000000)=<r1=>0x0)
clock_gettime(0x0, &(0x7f0000000740)={<r2=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000780)={{0x77359400}, {r2}}, 0x0)

00:25:04 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001d80)={0x18, 0x42, 0xa01, 0x0, 0x0, {}, [@nested={0x4}]}, 0x18}}, 0x0)

[  321.326262][ T1033]  loop1: p2 < > p3 p4
[  321.335066][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  321.364530][ T1033] loop1: p3 start 225 is beyond EOD, truncated
00:25:04 executing program 2:
timer_create(0x3, 0x0, &(0x7f0000000500))
clock_gettime(0x0, &(0x7f0000000740)={<r0=>0x0})
timer_settime(0x0, 0x0, &(0x7f0000000780)={{0x77359400}, {r0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{}, {0x77359400}}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000000)=<r1=>0x0)
clock_gettime(0x0, &(0x7f0000000740)={<r2=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000780)={{0x77359400}, {r2}}, 0x0)

[  321.370779][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  321.378127][T25518] loop0: detected capacity change from 0 to 4
[  321.391895][ T1033]  loop2: p2 < > p3 p4
[  321.397493][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  321.404567][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  321.410764][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  321.424329][T25518] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  321.452101][ T1033]  loop2: p2 < > p3 p4
[  321.456345][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  321.463193][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  321.469415][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  321.495177][ T1033]  loop2: p2 < > p3 p4
[  321.499379][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  321.505918][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  321.512112][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:05 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000001740), 0x0, 0x0)
ioctl$BLKRRPART(r0, 0x401070cd, 0x0)

00:25:05 executing program 3:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0)
preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x6, 0x1, 0x301}, 0x14}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
splice(r0, 0x0, r2, 0x0, 0x447fe7, 0x0)

00:25:05 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000001740), 0x0, 0x0)
ioctl$BLKRRPART(r0, 0x401070cd, 0x0)

00:25:05 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001d80)={0x18, 0x42, 0xa01, 0x0, 0x0, {}, [@nested={0x4}]}, 0x18}}, 0x0)

00:25:05 executing program 2:
timer_create(0x3, 0x0, &(0x7f0000000500))
clock_gettime(0x0, &(0x7f0000000740)={<r0=>0x0})
timer_settime(0x0, 0x0, &(0x7f0000000780)={{0x77359400}, {r0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{}, {0x77359400}}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000000)=<r1=>0x0)
clock_gettime(0x0, &(0x7f0000000740)={<r2=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000780)={{0x77359400}, {r2}}, 0x0)

00:25:05 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000080000000300000001000000004000000040000020000000def4655fdef4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)={[{@init_itable_val}]})

00:25:05 executing program 4:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001d80)={0x18, 0x42, 0xa01, 0x0, 0x0, {}, [@nested={0x4}]}, 0x18}}, 0x0)

00:25:05 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000001740), 0x0, 0x0)
ioctl$BLKRRPART(r0, 0x401070cd, 0x0)

00:25:05 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000001740), 0x0, 0x0)
ioctl$BLKRRPART(r0, 0x401070cd, 0x0)

[  322.186986][ T1033]  loop1: p2 < > p3 p4
[  322.197593][T25563] loop0: detected capacity change from 0 to 4
[  322.197643][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
00:25:05 executing program 2:
sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="913e4b81ecea32c4dd"], 0x3c}}, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000200)={0x4, 0x0, 0x7, 0x8, 0xff}, 0xc)
socket$inet6(0x10, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0x10, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = accept4(r0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendto$inet6(r1, &(0x7f00000001c0)="9750757e6e", 0x5, 0x0, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x600000000000004)

00:25:05 executing program 4:
io_setup(0x7, &(0x7f0000000000))
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000), 0x8)

[  322.229581][T25563] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  322.240647][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  322.246839][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  322.249253][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
00:25:05 executing program 5:
r0 = syz_open_dev$loop(&(0x7f0000001740), 0x0, 0x0)
ioctl$BLKRRPART(r0, 0x401070cd, 0x0)

00:25:05 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000001740), 0x0, 0x0)
ioctl$BLKRRPART(r0, 0x401070cd, 0x0)

[  322.294252][ T1033]  loop2: p2 < > p3 p4
[  322.307583][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  322.322144][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  322.328348][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  322.377373][ T1033]  loop1: p2 < > p3 p4
[  322.381477][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  322.388709][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  322.394886][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:25:06 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f000025c000)={0x4, 0x80, 0x1f, 0x0, 0x1, 0x0, 0x0, 0x81, 0x824b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x5, 0x3}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00')
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8801)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
preadv(r2, &(0x7f0000000300), 0x0, 0x8000, 0x6a)
socket$inet(0x2, 0x5, 0x3f)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = fork()
move_pages(r3, 0x0, &(0x7f0000000080), &(0x7f0000000100)=[0x8, 0x3, 0x82, 0x40000000, 0x4], &(0x7f00000000c0), 0x6)
mremap(&(0x7f0000f23000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000cde000/0x4000)=nil)
setuid(0x0)
lchown(&(0x7f0000000140)='./file0\x00', 0x0, 0xee01)
mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, &(0x7f00000001c0)=0x7f, 0xffff, 0x7)
mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000f5b000/0x2000)=nil, 0x2000, 0x4000, 0x0, 0x2, 0x3)

00:25:06 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000080000000300000001000000004000000040000020000000def4655fdef4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)={[{@init_itable_val}]})

00:25:06 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c010000100013000002000000000000000000000000200100000000000000000000f4ffff0101000000000000000a00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000010000000000000000000000000000000032000000e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000a00000300000000000000004c001200060000000000000067636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x13c}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(r1, &(0x7f0000000180), 0x2, 0x0)

00:25:06 executing program 4:
io_setup(0x7, &(0x7f0000000000))
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000), 0x8)

00:25:06 executing program 3:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r1, &(0x7f00000004c0)={{0x1b, 0x5d, 0x8, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41}, [{}]}, 0x78)

00:25:06 executing program 3:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r1, &(0x7f00000004c0)={{0x1b, 0x5d, 0x8, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41}, [{}]}, 0x78)

00:25:06 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c010000100013000002000000000000000000000000200100000000000000000000f4ffff0101000000000000000a00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000010000000000000000000000000000000032000000e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000a00000300000000000000004c001200060000000000000067636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x13c}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(r1, &(0x7f0000000180), 0x2, 0x0)

[  323.062233][T25620] loop0: detected capacity change from 0 to 4
[  323.072816][T25620] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
00:25:06 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c010000100013000002000000000000000000000000200100000000000000000000f4ffff0101000000000000000a00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000010000000000000000000000000000000032000000e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000a00000300000000000000004c001200060000000000000067636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x13c}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(r1, &(0x7f0000000180), 0x2, 0x0)

00:25:06 executing program 2:
sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="913e4b81ecea32c4dd"], 0x3c}}, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000200)={0x4, 0x0, 0x7, 0x8, 0xff}, 0xc)
socket$inet6(0x10, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0x10, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = accept4(r0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendto$inet6(r1, &(0x7f00000001c0)="9750757e6e", 0x5, 0x0, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x600000000000004)

00:25:06 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000600000000f000000080000000300000001000000004000000040000020000000def4655fdef4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000040)={[{@init_itable_val}]})

00:25:06 executing program 4:
io_setup(0x7, &(0x7f0000000000))
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000), 0x8)

00:25:06 executing program 3:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r1, &(0x7f00000004c0)={{0x1b, 0x5d, 0x8, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41}, [{}]}, 0x78)

00:25:06 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f000025c000)={0x4, 0x80, 0x1f, 0x0, 0x1, 0x0, 0x0, 0x81, 0x824b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x5, 0x3}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00')
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8801)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
preadv(r2, &(0x7f0000000300), 0x0, 0x8000, 0x6a)
socket$inet(0x2, 0x5, 0x3f)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = fork()
move_pages(r3, 0x0, &(0x7f0000000080), &(0x7f0000000100)=[0x8, 0x3, 0x82, 0x40000000, 0x4], &(0x7f00000000c0), 0x6)
mremap(&(0x7f0000f23000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000cde000/0x4000)=nil)
setuid(0x0)
lchown(&(0x7f0000000140)='./file0\x00', 0x0, 0xee01)
mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, &(0x7f00000001c0)=0x7f, 0xffff, 0x7)
mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000f5b000/0x2000)=nil, 0x2000, 0x4000, 0x0, 0x2, 0x3)

[  323.201193][ T1033]  loop2: p2 < > p3 p4
[  323.221873][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  323.234013][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  323.245395][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  323.251567][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  323.262609][T25665] loop0: detected capacity change from 0 to 4
00:25:06 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c010000100013000002000000000000000000000000200100000000000000000000f4ffff0101000000000000000a00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000010000000000000000000000000000000032000000e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000a00000300000000000000004c001200060000000000000067636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x13c}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(r1, &(0x7f0000000180), 0x2, 0x0)

00:25:06 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f000025c000)={0x4, 0x80, 0x1f, 0x0, 0x1, 0x0, 0x0, 0x81, 0x824b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x5, 0x3}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00')
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8801)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
preadv(r2, &(0x7f0000000300), 0x0, 0x8000, 0x6a)
socket$inet(0x2, 0x5, 0x3f)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = fork()
move_pages(r3, 0x0, &(0x7f0000000080), &(0x7f0000000100)=[0x8, 0x3, 0x82, 0x40000000, 0x4], &(0x7f00000000c0), 0x6)
mremap(&(0x7f0000f23000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000cde000/0x4000)=nil)
setuid(0x0)
lchown(&(0x7f0000000140)='./file0\x00', 0x0, 0xee01)
mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, &(0x7f00000001c0)=0x7f, 0xffff, 0x7)
mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000f5b000/0x2000)=nil, 0x2000, 0x4000, 0x0, 0x2, 0x3)

00:25:06 executing program 3:
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$binfmt_elf64(r1, &(0x7f00000004c0)={{0x1b, 0x5d, 0x8, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41}, [{}]}, 0x78)

00:25:06 executing program 4:
io_setup(0x7, &(0x7f0000000000))
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000), 0x8)

00:25:06 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f000025c000)={0x4, 0x80, 0x1f, 0x0, 0x1, 0x0, 0x0, 0x81, 0x824b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x5, 0x3}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00')
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8801)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
preadv(r2, &(0x7f0000000300), 0x0, 0x8000, 0x6a)
socket$inet(0x2, 0x5, 0x3f)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = fork()
move_pages(r3, 0x0, &(0x7f0000000080), &(0x7f0000000100)=[0x8, 0x3, 0x82, 0x40000000, 0x4], &(0x7f00000000c0), 0x6)
mremap(&(0x7f0000f23000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000cde000/0x4000)=nil)
setuid(0x0)
lchown(&(0x7f0000000140)='./file0\x00', 0x0, 0xee01)
mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, &(0x7f00000001c0)=0x7f, 0xffff, 0x7)
mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000f5b000/0x2000)=nil, 0x2000, 0x4000, 0x0, 0x2, 0x3)

[  323.272725][T25665] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
00:25:06 executing program 5:
sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="913e4b81ecea32c4dd"], 0x3c}}, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000200)={0x4, 0x0, 0x7, 0x8, 0xff}, 0xc)
socket$inet6(0x10, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0x10, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = accept4(r0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendto$inet6(r1, &(0x7f00000001c0)="9750757e6e", 0x5, 0x0, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x600000000000004)

00:25:06 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$loop(&(0x7f00000002c0), 0x0, 0x0)
r0 = syz_io_uring_setup(0x2de1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f000037f000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x302, 0x0, 0x0, 0x0, 0x0)

[  323.360624][ T1033]  loop1: p2 < > p3 p4
[  323.379500][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  323.395839][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  323.409182][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  323.415351][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  323.448016][ T1033]  loop1: p2 < > p3 p4
[  323.452539][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  323.460611][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  323.466804][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  323.556078][ T1033]  loop1: p2 < > p3 p4
[  323.561492][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  323.568900][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  323.575077][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:25:07 executing program 2:
sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="913e4b81ecea32c4dd"], 0x3c}}, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000200)={0x4, 0x0, 0x7, 0x8, 0xff}, 0xc)
socket$inet6(0x10, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0x10, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = accept4(r0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendto$inet6(r1, &(0x7f00000001c0)="9750757e6e", 0x5, 0x0, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x600000000000004)

00:25:07 executing program 4:
madvise(&(0x7f0000000000/0x4000)=nil, 0xfffffffffffffff4, 0x8)

00:25:07 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f000025c000)={0x4, 0x80, 0x1f, 0x0, 0x1, 0x0, 0x0, 0x81, 0x824b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x5, 0x3}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00')
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8801)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
preadv(r2, &(0x7f0000000300), 0x0, 0x8000, 0x6a)
socket$inet(0x2, 0x5, 0x3f)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = fork()
move_pages(r3, 0x0, &(0x7f0000000080), &(0x7f0000000100)=[0x8, 0x3, 0x82, 0x40000000, 0x4], &(0x7f00000000c0), 0x6)
mremap(&(0x7f0000f23000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000cde000/0x4000)=nil)
setuid(0x0)
lchown(&(0x7f0000000140)='./file0\x00', 0x0, 0xee01)
mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, &(0x7f00000001c0)=0x7f, 0xffff, 0x7)
mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000f5b000/0x2000)=nil, 0x2000, 0x4000, 0x0, 0x2, 0x3)

00:25:07 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f000025c000)={0x4, 0x80, 0x1f, 0x0, 0x1, 0x0, 0x0, 0x81, 0x824b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x5, 0x3}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00')
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8801)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
preadv(r2, &(0x7f0000000300), 0x0, 0x8000, 0x6a)
socket$inet(0x2, 0x5, 0x3f)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = fork()
move_pages(r3, 0x0, &(0x7f0000000080), &(0x7f0000000100)=[0x8, 0x3, 0x82, 0x40000000, 0x4], &(0x7f00000000c0), 0x6)
mremap(&(0x7f0000f23000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000cde000/0x4000)=nil)
setuid(0x0)
lchown(&(0x7f0000000140)='./file0\x00', 0x0, 0xee01)
mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, &(0x7f00000001c0)=0x7f, 0xffff, 0x7)
mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000f5b000/0x2000)=nil, 0x2000, 0x4000, 0x0, 0x2, 0x3)

00:25:07 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$loop(&(0x7f00000002c0), 0x0, 0x0)
r0 = syz_io_uring_setup(0x2de1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f000037f000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x302, 0x0, 0x0, 0x0, 0x0)

00:25:07 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$loop(&(0x7f00000002c0), 0x0, 0x0)
r0 = syz_io_uring_setup(0x2de1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f000037f000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x302, 0x0, 0x0, 0x0, 0x0)

[  324.106131][ T1033]  loop2: p2 < > p3 p4
[  324.110376][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  324.144991][ T1033] loop2: p3 start 225 is beyond EOD, truncated
00:25:07 executing program 4:
madvise(&(0x7f0000000000/0x4000)=nil, 0xfffffffffffffff4, 0x8)

00:25:07 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$loop(&(0x7f00000002c0), 0x0, 0x0)
r0 = syz_io_uring_setup(0x2de1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f000037f000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x302, 0x0, 0x0, 0x0, 0x0)

00:25:07 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f000025c000)={0x4, 0x80, 0x1f, 0x0, 0x1, 0x0, 0x0, 0x81, 0x824b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x5, 0x3}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00')
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r2 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8801)
mmap$perf(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x3000002, 0x40032, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
preadv(r2, &(0x7f0000000300), 0x0, 0x8000, 0x6a)
socket$inet(0x2, 0x5, 0x3f)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = fork()
move_pages(r3, 0x0, &(0x7f0000000080), &(0x7f0000000100)=[0x8, 0x3, 0x82, 0x40000000, 0x4], &(0x7f00000000c0), 0x6)
mremap(&(0x7f0000f23000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000cde000/0x4000)=nil)
setuid(0x0)
lchown(&(0x7f0000000140)='./file0\x00', 0x0, 0xee01)
mbind(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4000, &(0x7f00000001c0)=0x7f, 0xffff, 0x7)
mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000f5b000/0x2000)=nil, 0x2000, 0x4000, 0x0, 0x2, 0x3)

[  324.151306][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  324.176024][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
00:25:07 executing program 1:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x4000000a, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x3c)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb3, &(0x7f00000002c0)="f47970da7c2fd541e0656c5762306aa606a0c2a76e59b65fa78fb184da006cabbd58564cf09dcac54f6d212e05d23391ff083d38ff122a776e08af2025580c72249ad2f5366f60b87a982a8066b10f8b85b47e770f548fd2e3c6a8323152fbeebdec6058daee7c23390ee172a191a599fd3d69623481e1af603fc9d42b2f7173f23f843eb6669d9de930445756424b355d08c8786bf6e250deae7a6d8332607f93938fabe2e77eb4ff46d2b6acf3307cc56a31"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:25:07 executing program 5:
sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="913e4b81ecea32c4dd"], 0x3c}}, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000200)={0x4, 0x0, 0x7, 0x8, 0xff}, 0xc)
socket$inet6(0x10, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0x10, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = accept4(r0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendto$inet6(r1, &(0x7f00000001c0)="9750757e6e", 0x5, 0x0, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x600000000000004)

00:25:07 executing program 4:
madvise(&(0x7f0000000000/0x4000)=nil, 0xfffffffffffffff4, 0x8)

[  324.285465][ T1033]  loop1: p2 < > p3 p4
[  324.290035][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  324.300733][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  324.306928][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  324.406434][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
00:25:08 executing program 1:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x4000000a, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x3c)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb3, &(0x7f00000002c0)="f47970da7c2fd541e0656c5762306aa606a0c2a76e59b65fa78fb184da006cabbd58564cf09dcac54f6d212e05d23391ff083d38ff122a776e08af2025580c72249ad2f5366f60b87a982a8066b10f8b85b47e770f548fd2e3c6a8323152fbeebdec6058daee7c23390ee172a191a599fd3d69623481e1af603fc9d42b2f7173f23f843eb6669d9de930445756424b355d08c8786bf6e250deae7a6d8332607f93938fabe2e77eb4ff46d2b6acf3307cc56a31"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:25:08 executing program 2:
sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="913e4b81ecea32c4dd"], 0x3c}}, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000200)={0x4, 0x0, 0x7, 0x8, 0xff}, 0xc)
socket$inet6(0x10, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0x10, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = accept4(r0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendto$inet6(r1, &(0x7f00000001c0)="9750757e6e", 0x5, 0x0, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x600000000000004)

00:25:08 executing program 0:
r0 = socket$inet6(0xa, 0x2000000080803, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x32}, 0x0, @in6=@private0}}, 0xe8)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)

00:25:08 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
ioctl$MON_IOCH_MFLUSH(r0, 0x80089203, 0xfffffffffffdfffd)

00:25:08 executing program 4:
madvise(&(0x7f0000000000/0x4000)=nil, 0xfffffffffffffff4, 0x8)

[  325.041181][ T1033]  loop2: p2 < > p3 p4
[  325.045309][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  325.067774][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  325.079096][ T1033] loop2: p3 start 225 is beyond EOD, truncated
00:25:08 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
ioctl$MON_IOCH_MFLUSH(r0, 0x80089203, 0xfffffffffffdfffd)

00:25:08 executing program 4:
epoll_create(0x7)
pselect6(0x40, &(0x7f0000000080)={0x8}, 0x0, 0x0, &(0x7f0000000180), 0x0)

00:25:08 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
exit_group(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001400)={0x1, &(0x7f00000013c0)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

[  325.085287][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:08 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
ioctl$MON_IOCH_MFLUSH(r0, 0x80089203, 0xfffffffffffdfffd)

00:25:08 executing program 4:
epoll_create(0x7)
pselect6(0x40, &(0x7f0000000080)={0x8}, 0x0, 0x0, &(0x7f0000000180), 0x0)

00:25:08 executing program 5:
sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="913e4b81ecea32c4dd"], 0x3c}}, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000200)={0x4, 0x0, 0x7, 0x8, 0xff}, 0xc)
socket$inet6(0x10, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0x10, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
recvfrom$inet6(r1, &(0x7f0000000000)=""/35, 0xffffffffffffff13, 0x100, &(0x7f0000001880)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r2 = accept4(r0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendto$inet6(r1, &(0x7f00000001c0)="9750757e6e", 0x5, 0x0, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x0, 0x0, 0x600000000000004)

00:25:08 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
ioctl$MON_IOCH_MFLUSH(r0, 0x80089203, 0xfffffffffffdfffd)

[  325.310529][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  325.338623][ T1033] ==================================================================
[  325.346734][ T1033] BUG: KCSAN: data-race in do_readlinkat / vfs_unlink
[  325.353606][ T1033] 
[  325.355902][ T1033] write to 0xffff8881066f9900 of 4 bytes by task 25851 on cpu 1:
[  325.363588][ T1033]  vfs_unlink+0x289/0x400
[  325.367906][ T1033]  do_unlinkat+0x238/0x4f0
[  325.372306][ T1033]  __x64_sys_unlink+0x2c/0x30
[  325.376972][ T1033]  do_syscall_64+0x4a/0x90
[  325.381382][ T1033]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  325.387263][ T1033] 
[  325.389628][ T1033] read to 0xffff8881066f9900 of 4 bytes by task 1033 on cpu 0:
[  325.397156][ T1033]  do_readlinkat+0xa9/0x200
[  325.401638][ T1033]  __x64_sys_readlink+0x43/0x50
[  325.406465][ T1033]  do_syscall_64+0x4a/0x90
[  325.410977][ T1033]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  325.416941][ T1033] 
[  325.419238][ T1033] value changed: 0x00600008 -> 0x00600108
[  325.424942][ T1033] 
[  325.427257][ T1033] Reported by Kernel Concurrency Sanitizer on:
[  325.433389][ T1033] CPU: 0 PID: 1033 Comm: systemd-udevd Tainted: G        W         5.13.0-rc4-syzkaller #0
[  325.443337][ T1033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  325.453379][ T1033] ==================================================================
[  325.925914][ T1033]  loop2: p2 < > p3 p4
[  325.930415][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  325.937363][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  325.943513][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:11 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
exit_group(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001400)={0x1, &(0x7f00000013c0)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

00:25:11 executing program 1:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x4000000a, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x3c)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb3, &(0x7f00000002c0)="f47970da7c2fd541e0656c5762306aa606a0c2a76e59b65fa78fb184da006cabbd58564cf09dcac54f6d212e05d23391ff083d38ff122a776e08af2025580c72249ad2f5366f60b87a982a8066b10f8b85b47e770f548fd2e3c6a8323152fbeebdec6058daee7c23390ee172a191a599fd3d69623481e1af603fc9d42b2f7173f23f843eb6669d9de930445756424b355d08c8786bf6e250deae7a6d8332607f93938fabe2e77eb4ff46d2b6acf3307cc56a31"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:25:11 executing program 4:
epoll_create(0x7)
pselect6(0x40, &(0x7f0000000080)={0x8}, 0x0, 0x0, &(0x7f0000000180), 0x0)

00:25:11 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x48, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ppoll(&(0x7f00000000c0)=[{r1}, {r0}, {r0}, {r0}], 0x4, &(0x7f0000000140), 0x0, 0x0)

00:25:11 executing program 2:
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000280)='.\x00', &(0x7f00000002c0)='msdos\x00', 0x0, 0x0)

00:25:11 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f0000003340)={0x0, 0x0, &(0x7f0000003300)={&(0x7f0000003140)={0x14}, 0xfffffdef}}, 0x0)

00:25:11 executing program 4:
epoll_create(0x7)
pselect6(0x40, &(0x7f0000000080)={0x8}, 0x0, 0x0, &(0x7f0000000180), 0x0)

[  328.050593][ T1033]  loop1: p2 < > p3 p4
[  328.054794][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  328.071340][T25871] FAT-fs (loop2): bogus number of reserved sectors
[  328.077876][T25871] FAT-fs (loop2): Can't find a valid FAT filesystem
[  328.089742][ T1033] loop1: p3 start 225 is beyond EOD, truncated
00:25:11 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f0000003340)={0x0, 0x0, &(0x7f0000003300)={&(0x7f0000003140)={0x14}, 0xfffffdef}}, 0x0)

00:25:11 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x48, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ppoll(&(0x7f00000000c0)=[{r1}, {r0}, {r0}, {r0}], 0x4, &(0x7f0000000140), 0x0, 0x0)

00:25:11 executing program 2:
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000280)='.\x00', &(0x7f00000002c0)='msdos\x00', 0x0, 0x0)

[  328.096049][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
[  328.099221][T25871] FAT-fs (loop2): bogus number of reserved sectors
[  328.109754][T25871] FAT-fs (loop2): Can't find a valid FAT filesystem
00:25:11 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
exit_group(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001400)={0x1, &(0x7f00000013c0)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

00:25:11 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x48, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ppoll(&(0x7f00000000c0)=[{r1}, {r0}, {r0}, {r0}], 0x4, &(0x7f0000000140), 0x0, 0x0)

00:25:11 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f0000003340)={0x0, 0x0, &(0x7f0000003300)={&(0x7f0000003140)={0x14}, 0xfffffdef}}, 0x0)

[  328.194949][T25888] FAT-fs (loop2): bogus number of reserved sectors
[  328.201557][T25888] FAT-fs (loop2): Can't find a valid FAT filesystem
[  328.223515][ T1033]  loop2: p2 < > p3 p4
[  328.243360][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  328.252289][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  328.258476][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  328.298517][ T1033]  loop2: p2 < > p3 p4
[  328.302768][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  328.309677][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  328.315843][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:14 executing program 1:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x4000000a, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x3, 0x0, 0x0, 0x0)
tkill(r0, 0x3c)
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0xb3, &(0x7f00000002c0)="f47970da7c2fd541e0656c5762306aa606a0c2a76e59b65fa78fb184da006cabbd58564cf09dcac54f6d212e05d23391ff083d38ff122a776e08af2025580c72249ad2f5366f60b87a982a8066b10f8b85b47e770f548fd2e3c6a8323152fbeebdec6058daee7c23390ee172a191a599fd3d69623481e1af603fc9d42b2f7173f23f843eb6669d9de930445756424b355d08c8786bf6e250deae7a6d8332607f93938fabe2e77eb4ff46d2b6acf3307cc56a31"}}], 0x1c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)

00:25:14 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x48, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ppoll(&(0x7f00000000c0)=[{r1}, {r0}, {r0}, {r0}], 0x4, &(0x7f0000000140), 0x0, 0x0)

00:25:14 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x48, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ppoll(&(0x7f00000000c0)=[{r1}, {r0}, {r0}, {r0}], 0x4, &(0x7f0000000140), 0x0, 0x0)

00:25:14 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
ptrace$cont(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
exit_group(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001400)={0x1, &(0x7f00000013c0)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

00:25:14 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f0000003340)={0x0, 0x0, &(0x7f0000003300)={&(0x7f0000003140)={0x14}, 0xfffffdef}}, 0x0)

00:25:14 executing program 2:
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000280)='.\x00', &(0x7f00000002c0)='msdos\x00', 0x0, 0x0)

00:25:14 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0xa0002011})
epoll_wait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x0)

00:25:14 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x48, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ppoll(&(0x7f00000000c0)=[{r1}, {r0}, {r0}, {r0}], 0x4, &(0x7f0000000140), 0x0, 0x0)

00:25:14 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x48, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ppoll(&(0x7f00000000c0)=[{r1}, {r0}, {r0}, {r0}], 0x4, &(0x7f0000000140), 0x0, 0x0)

[  331.177704][ T1033]  loop1: p2 < > p3 p4
[  331.181862][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  331.198301][T25926] FAT-fs (loop2): bogus number of reserved sectors
[  331.203348][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  331.204852][T25926] FAT-fs (loop2): Can't find a valid FAT filesystem
[  331.211020][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:25:14 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000080)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x924924924924c31, 0x4ffe0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
close(r1)

00:25:14 executing program 2:
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000280)='.\x00', &(0x7f00000002c0)='msdos\x00', 0x0, 0x0)

00:25:14 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x42)
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3)

[  331.269599][   T25] kauditd_printk_skb: 18 callbacks suppressed
[  331.269608][   T25] audit: type=1400 audit(1622420714.708:481): avc:  denied  { block_suspend } for  pid=25931 comm="syz-executor.5" capability=36  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[  331.349891][T25948] FAT-fs (loop2): bogus number of reserved sectors
[  331.354544][T25952] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  331.356428][T25948] FAT-fs (loop2): Can't find a valid FAT filesystem
[  331.389880][ T1033]  loop2: p2 < > p3 p4
[  331.394496][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  331.401224][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  331.407412][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
[  331.439997][ T1033]  loop2: p2 < > p3 p4
[  331.444278][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  331.451081][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  331.457347][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:17 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x1}, {0x84}, {0x6}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

00:25:17 executing program 4:
clock_getres(0x0, &(0x7f0000000100))

00:25:17 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x42)
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3)

00:25:17 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000080)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x924924924924c31, 0x4ffe0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
close(r1)

00:25:17 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0xa0002011})
epoll_wait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x0)

00:25:17 executing program 1:
syz_read_part_table(0x0, 0x1, &(0x7f0000001240)=[{&(0x7f00000000c0)="58857a3d36b2a421fcbd9c93acac2519bbc418ffe857af421be74facdf5b46663c238448a951792ab964fa6ad20a4da6716b83244a83b8d47002942bf8866ec9988f91b820b16cad24cbd18c7ea344866c59dde7d1923981b4428cbd46a0f59717f5afc569c066b115acfb36d522bc44bac15c838f3dc4a4a1e93958c8eea3c15bdd3c9f1b8276cd962d3f50950c6a9ac953acb8ef86a689c734af4acbea5460672888e718e453b6743002f04e9f5d6abf9353bbc6a3025939073fcffd8d6f06b731408ac3d60376a3d8b124e7d454859571eeef03991a590e997d999afe1a41576c50ac9c130b828d22db63c7289c210009410b5bf5a093fa88fd3e99b81acc9057b038e35b6b704b1448968e5cf757beec0859c43fc37bb0befa317a52f514b663be5ade92cda9b8e25292fbde9aad0ad00f217a9d969517e32a8dfdf5a0b687e8cfacb80ccd8fc797cb2b832ba84ee0e36b7af2c978cc09f9db0b410d30650efdc832a9eaf82b1ceaa5d97097d97480d5c446e01df399e0f0b49e7c14531b", 0x180, 0x80}])

[  334.293017][ T1033]  loop1: p2 < > p3 p4
[  334.297217][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  334.319389][   T25] audit: type=1326 audit(1622420717.758:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25975 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0
00:25:17 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000080)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x924924924924c31, 0x4ffe0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
close(r1)

00:25:17 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x42)
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3)

00:25:17 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0xa0002011})
epoll_wait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x0)

[  334.319989][T25990] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  334.353533][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  334.359747][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:25:17 executing program 4:
clock_getres(0x0, &(0x7f0000000100))

00:25:17 executing program 1:
mq_open(&(0x7f00000000c0)='\x8b\x17\x18\xfd\"\xaa\x06\xf4\xf5\xcb\xcf\xc4\xe0\xca\x84[\xfa\x9b=\xe2\x90p\xa0\xe9H0Tx\xa5\xda\xe1\xc8\x89\xd2\xea\x96\a}\xd7f(S\xc7\xed\xda\xbeH\n\xdb\x98\xf1\x06\xea\xbf1\x92\xc8\f;c)\x92\xf9\x04\x152\x1a\xe0\x0e\xbec\xc2Si\x82x\x1b*\xf8iqL\x8f\x82\x17\x96T\x03H\xd4\xe0~\x9f\xb2\xea\x99\x95\xb3\x87\xdd\x96\x90\xd5!\x11x\\\xf1S\v\xacL\xc6&\x00\xcb\xa1\xb8\xcb\xf0\xd5\x12D\x18\xbb\xd3\xcco+8l\xd0\xed\x95\xda)\xc8\x93\xdcp5<\xe8i\x96b|\xad\xfd', 0x40, 0x0, 0x0)

00:25:17 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000080)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x924924924924c31, 0x4ffe0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
close(r1)

[  334.425546][ T1033]  loop1: p2 < > p3 p4
[  334.437781][T26007] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  334.447632][ T1033] loop1: p2 size 2 extends beyond EOD, truncated
[  334.457635][ T1033] loop1: p3 start 225 is beyond EOD, truncated
[  334.463793][ T1033] loop1: p4 size 3657465856 extends beyond EOD, truncated
00:25:18 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x1}, {0x84}, {0x6}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

00:25:18 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0xa0002011})
epoll_wait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x0)

00:25:18 executing program 4:
clock_getres(0x0, &(0x7f0000000100))

00:25:18 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x42)
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3)

00:25:18 executing program 0:
select(0x40, &(0x7f0000000000), 0x0, 0x0, 0x0)

00:25:18 executing program 1:
mq_open(&(0x7f00000000c0)='\x8b\x17\x18\xfd\"\xaa\x06\xf4\xf5\xcb\xcf\xc4\xe0\xca\x84[\xfa\x9b=\xe2\x90p\xa0\xe9H0Tx\xa5\xda\xe1\xc8\x89\xd2\xea\x96\a}\xd7f(S\xc7\xed\xda\xbeH\n\xdb\x98\xf1\x06\xea\xbf1\x92\xc8\f;c)\x92\xf9\x04\x152\x1a\xe0\x0e\xbec\xc2Si\x82x\x1b*\xf8iqL\x8f\x82\x17\x96T\x03H\xd4\xe0~\x9f\xb2\xea\x99\x95\xb3\x87\xdd\x96\x90\xd5!\x11x\\\xf1S\v\xacL\xc6&\x00\xcb\xa1\xb8\xcb\xf0\xd5\x12D\x18\xbb\xd3\xcco+8l\xd0\xed\x95\xda)\xc8\x93\xdcp5<\xe8i\x96b|\xad\xfd', 0x40, 0x0, 0x0)

[  335.151703][   T25] audit: type=1326 audit(1622420718.588:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25975 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0
00:25:18 executing program 4:
clock_getres(0x0, &(0x7f0000000100))

[  335.212908][ T1033]  loop2: p2 < > p3 p4
[  335.217042][ T1033] loop2: p2 size 2 extends beyond EOD, truncated
[  335.223733][ T1033] loop2: p3 start 225 is beyond EOD, truncated
[  335.229990][ T1033] loop2: p4 size 3657465856 extends beyond EOD, truncated
00:25:18 executing program 1:
mq_open(&(0x7f00000000c0)='\x8b\x17\x18\xfd\"\xaa\x06\xf4\xf5\xcb\xcf\xc4\xe0\xca\x84[\xfa\x9b=\xe2\x90p\xa0\xe9H0Tx\xa5\xda\xe1\xc8\x89\xd2\xea\x96\a}\xd7f(S\xc7\xed\xda\xbeH\n\xdb\x98\xf1\x06\xea\xbf1\x92\xc8\f;c)\x92\xf9\x04\x152\x1a\xe0\x0e\xbec\xc2Si\x82x\x1b*\xf8iqL\x8f\x82\x17\x96T\x03H\xd4\xe0~\x9f\xb2\xea\x99\x95\xb3\x87\xdd\x96\x90\xd5!\x11x\\\xf1S\v\xacL\xc6&\x00\xcb\xa1\xb8\xcb\xf0\xd5\x12D\x18\xbb\xd3\xcco+8l\xd0\xed\x95\xda)\xc8\x93\xdcp5<\xe8i\x96b|\xad\xfd', 0x40, 0x0, 0x0)

00:25:18 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$char_raw(r0, &(0x7f0000000000)={""/60893}, 0xee00)

00:25:18 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$unix(0x1, 0x800000000005, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)

00:25:18 executing program 5:
creat(&(0x7f0000000280)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[{@mpol={'mpol', 0x3d, {'prefer', '', @val={0xa}}}, 0x33}]})

[  335.288327][T26044] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  335.303546][   T25] audit: type=1326 audit(1622420718.738:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26040 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x0